5

CVE-2013-0247

OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attackers to cause a denial of service (disk consumption) via many invalid token requests that trigger excessive generation of log entries.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenstackKeystone Version >= 2012.1 <= 2012.1.3
OpenstackKeystone Version >= 2012.2 <= 2012.2.3
OpenstackKeystone Version >= 2013.1 <= 2013.1.2
CanonicalUbuntu Linux Version12.04 SwEditionlts
CanonicalUbuntu Linux Version12.10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.24% 0.867
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098906.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2013-0253.html
Third Party Advisory
http://www.securityfocus.com/bid/57747
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-1715-1
Third Party Advisory
https://bugs.launchpad.net/keystone/+bug/1098307
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=906171
Patch
Third Party Advisory