Home > Vulnerability Database > CVE-2014-2573

Mend.io Vulnerability Database

CVE-2014-2573

Good to know:

Date: March 25, 2014

The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by requesting the VM be put into rescue and then deleting the image.

Language: Python

Severity Score

4.9

Related Resources (6)

Url: http://www.openwall.com/lists/oss-security/2014/03/21/1

Url: http://secunia.com/advisories/57498

Url: https://bugs.launchpad.net/nova/+bug/1269418

Url: https://nvd.nist.gov/vuln/detail/CVE-2014-2573

Url: http://www.openwall.com/lists/oss-security/2014/03/21/2

Url: https://www.mend.io/vulnerability-database/CVE-2014-2573

Severity Score

4.9

Weakness Type (CWE)

Permissions, Privileges, and Access Control

CWE-264

Top Fix

Upgrade Version

Upgrade to version 2013.2.4

Learn More

CVSS v3

Base Score:	4.9
Attack Vector (AV):
Attack Complexity (AC):
Privileges Required (PR):
User Interaction (UI):
Scope (S):
Confidentiality (C):	COMPLETE
Integrity (I):	NONE
Availability (A):	NONE

CVSS v2

Base Score:	7.8
Access Vector (AV):
Access Complexity (AC):
Authentication (AU):
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2014-2573

Good to know:

Date: March 25, 2014

Language: Python

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3

CVSS v2

Do you need more information?