CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2013-0270 – Keystone: Large HTTP request DoS
https://notcve.org/view.php?id=CVE-2013-0270
12 Apr 2013 — OpenStack Keystone Grizzly before 2013.1, Folsom, and possibly earlier allows remote attackers to cause a denial of service (CPU and memory consumption) via a large HTTP request, as demonstrated by a long tenant_name when requesting a token. OpenStack Keystone Grizzly antes de v2013.1, Folsom, y posiblemente versiones anteriores permite a atacantes remotos provocar una denegación de servicio (excesivo consumo de memoria y CPU) a través de una petición HTTP demasiado larga, tal y como lo demuestra un tenant_... • http://rhn.redhat.com/errata/RHSA-2013-0708.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 5EXPL: 0CVE-2013-0247 – Keystone: denial of service through invalid token requests
https://notcve.org/view.php?id=CVE-2013-0247
24 Feb 2013 — OpenStack Keystone Essex 2012.1.3 and earlier, Folsom 2012.2.3 and earlier, and Grizzly grizzly-2 and earlier allows remote attackers to cause a denial of service (disk consumption) via many invalid token requests that trigger excessive generation of log entries. OpenStack Keystone Essex v2012.1.3 y anteriores, y Grizzly grizzly-2 y anteriores permiten a atacantes remotos generar una denegación de servicio (consumo de disco) mediante una solicitud de token inválida que genera una excesiva cantidad de entrad... • http://lists.fedoraproject.org/pipermail/package-announce/2013-February/098906.html • CWE-399: Resource Management Errors •