5
CVE-2013-2014
- EPSS 3.24%
- Veröffentlicht 02.06.2014 15:55:09
- Zuletzt bearbeitet 06.05.2026 22:30:45
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
OpenStack Identity (Keystone) before 2013.1 allows remote attackers to cause a denial of service (memory consumption and crash) via multiple long requests.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Fedoraproject ≫ Fedora Version19
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.24% | 0.867 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:N/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
https://bugs.launchpad.net/keystone/+bug/1099025
http://lists.fedoraproject.org/pipermail/package-announce/2013-July/111914.html
http://secunia.com/advisories/53397
http://www.securityfocus.com/bid/59936
https://bugs.launchpad.net/keystone/+bug/1098177
https://exchange.xforce.ibmcloud.com/vulnerabilities/84347