Home > Vulnerability Database > CVE-2012-1585

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2012-1585

Date: August 16, 2012

OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.

Language: Python

Severity Score

4.3

Related Resources (11)

Url: http://osdir.com/ml/openstack-cloud-computing/2012-03/msg01133.html

Url: http://github.com/openstack/nova/commit/c869a41951b77c6930bf4fb4734f05cd3d6ac4b1

Url: http://lwn.net/Alerts/491298

Url: https://github.com/openstack/nova

Url: http://github.com/openstack/nova/commit/0fa7d12dbfb7ae016657dd91034b4c0781ea43de

Url: http://lwn.net/Alerts/491298/

Url: https://bugs.launchpad.net/nova/+bug/962515

Url: https://nvd.nist.gov/vuln/detail/CVE-2012-1585

Url: http://github.com/openstack/nova/commit/c7f526fae6062e9ab51f65474af71d496aa66554

Url: http://github.com/openstack/nova/commit/1ebec5726c7a9db0a6f29fad0ef747b0c087f702

Url: https://www.mend.io/vulnerability-database/CVE-2012-1585

Severity Score

4.3

Weakness Type (CWE)

Resource Management Errors

CWE-399

CVSS v3.1

Base Score:	4.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

CVSS v2

Base Score:	4.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	SINGLE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL
Additional information:

Do you need more information?

Contact Us