CVE-2014-9684 in Image Registry And Delivery Serviceinfo

Summary

OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of images using the task v2 API and then deleting them before the uploads finish, a different vulnerability than CVE-2015-1881.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

02/19/2015

Disclosure

02/24/2015

Moderation

VulDB entry created

Entries

VDB-74287 (1)

CPE

ready

CWE

CWE-399 (Confirmed)

CVSS

4.3

EPSS

0.00580

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2014-9684
NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-9684
CVE Details	https://www.cvedetails.com/cve/CVE-2014-9684/

◂ Previous Overview Next ▸

Do you know our Splunk app?

Download it now for free!