CVE-2015-7713 – openstack-nova: network security group changes are not applied to running instances
https://notcve.org/view.php?id=CVE-2015-7713
OpenStack Compute (Nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) do not properly apply security group changes, which allows remote attackers to bypass intended restriction by leveraging an instance that was running when the change was made. OpenStack Compute (Nova) en versiones anteriores a 2014.2.4 (juno) y 2015.1.x en versiones anteriores a 2015.1.2 (kilo) no aplica correctamente los cambios de grupos de seguridad, lo que permite a atacantes remotos eludir las restricciones previstas mediante el aprovechamiento de una instancia que se estaba ejecutando cuando se hizo el cambio. A vulnerability was discovered in the way OpenStack Compute (nova) networking handled security group updates; changes were not applied to already running VM instances. A remote attacker could use this flaw to access running VM instances. • http://rhn.redhat.com/errata/RHSA-2015-2684.html http://www.securityfocus.com/bid/76960 https://access.redhat.com/errata/RHSA-2015:2673 https://bugs.launchpad.net/nova/+bug/1491307 https://bugs.launchpad.net/nova/+bug/1492961 https://security.openstack.org/ossa/OSSA-2015-021.html https://access.redhat.com/security/cve/CVE-2015-7713 https://bugzilla.redhat.com/show_bug.cgi?id=1269119 • CWE-254: 7PK - Security Features CWE-285: Improper Authorization •
CVE-2015-3280 – openstack-nova: Deleting instances in resize state fails
https://notcve.org/view.php?id=CVE-2015-3280
OpenStack Compute (nova) before 2014.2.4 (juno) and 2015.1.x before 2015.1.2 (kilo) does not properly delete instances from compute nodes, which allows remote authenticated users to cause a denial of service (disk consumption) by deleting instances while in the resize state. OpenStack Compute (nova) en versiones anteriores a 2014.2.4 (juno) y 2015.1.x en versiones anteriores a 2015.1.2 (kilo) no elimina adecuadamente casos desde los nodos de cómputo, lo que permite a usuarios remotos autenticados provocar una denegación de servicio (consumo del disco) borrando instancias cuando entra en el estado de cambio de tamaño. A flaw was found in the way OpenStack Compute (nova) handled the resize state. If an authenticated user deleted an instance while it was in the resize state, it could cause the original instance to not be deleted from the compute node it was running on, allowing the user to cause a denial of service. • http://rhn.redhat.com/errata/RHSA-2015-1898.html http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html http://www.securityfocus.com/bid/76553 https://launchpad.net/bugs/1392527 https://security.openstack.org/ossa/OSSA-2015-017.html https://access.redhat.com/security/cve/CVE-2015-3280 https://bugzilla.redhat.com/show_bug.cgi?id=1257942 • CWE-399: Resource Management Errors CWE-772: Missing Release of Resource after Effective Lifetime •
CVE-2015-3241 – openstack-nova: Nova instance migration process does not stop when instance is deleted
https://notcve.org/view.php?id=CVE-2015-3241
OpenStack Compute (nova) 2015.1 through 2015.1.1, 2014.2.3, and earlier does not stop the migration process when the instance is deleted, which allows remote authenticated users to cause a denial of service (disk, network, and other resource consumption) by resizing and then deleting an instance. Vulnerabilidad en OpenStack Compute (nova) 2015.1 hasta la versión 2015.1.1, 2014.2.3 y anteriores, no detiene el proceso de migración cuando se borra la instancia, lo que permite a usuarios remotos autenticados causar una denegación de servicio (disco, red y otros consumos de memoria) modificando el tamaño y borrándo entonces la instancia. A denial of service flaw was found in the OpenStack Compute (nova) instance migration process. Because the migration process does not terminate when an instance is deleted, an authenticated user could bypass user quota and deplete all available disk space by repeatedly re-sizing and deleting an instance. • http://rhn.redhat.com/errata/RHSA-2015-1723.html http://rhn.redhat.com/errata/RHSA-2015-1898.html http://www.securityfocus.com/bid/75372 https://github.com/openstack/ossa/blob/482576204dec96f580817b119e3166d71c757731/ossa/OSSA-2015-015.yaml https://launchpad.net/bugs/1387543 https://security.openstack.org/ossa/OSSA-2015-015.html https://access.redhat.com/security/cve/CVE-2015-3241 https://bugzilla.redhat.com/show_bug.cgi?id=1232782 • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •
CVE-2015-0259 – openstack-nova: console Cross-Site WebSocket hijacking
https://notcve.org/view.php?id=CVE-2015-0259
OpenStack Compute (Nova) before 2014.1.4, 2014.2.x before 2014.2.3, and kilo before kilo-3 does not validate the origin of websocket requests, which allows remote attackers to hijack the authentication of users for access to consoles via a crafted webpage. OpenStack Compute (Nova) anterior a 2014.1.4, 2014.2.x anterior a 2014.2.3, y kilo anterior a kilo-3 no valida el origen de las solicitudes websocket, lo que permite a atacantes remotos secuestrar la autenticación de usuarios para el acceso a consolas a través de una página web manipulada. It was discovered that the OpenStack Compute (nova) console websocket did not correctly verify the origin header. An attacker could use this flaw to conduct a cross-site websocket hijack attack. Note that only Compute setups with VNC or SPICE enabled were affected by this flaw. • http://lists.openstack.org/pipermail/openstack-announce/2015-March/000341.html http://rhn.redhat.com/errata/RHSA-2015-0790.html http://rhn.redhat.com/errata/RHSA-2015-0843.html http://rhn.redhat.com/errata/RHSA-2015-0844.html https://bugs.launchpad.net/nova/+bug/1409142 https://access.redhat.com/security/cve/CVE-2015-0259 https://bugzilla.redhat.com/show_bug.cgi?id=1190112 • CWE-345: Insufficient Verification of Data Authenticity •
CVE-2014-3708 – openstack-nova: Nova network denial of service through API filtering
https://notcve.org/view.php?id=CVE-2014-3708
OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an IP filter in a list active servers API request. OpenStack Compute (Nova) anterior a 2014.1.4 y 2014.2.x anterior a 2014.2.1 permite a usuarios remotos autenticados causar una denegación de servicio (consumo de CPU) a través de un filtro IP en una solicitud API para listar servidores activos. A denial of service flaw was found in the way OpenStack Compute (nova) looked up VM instances based on an IP address filter. An attacker with sufficient privileges on an OpenStack installation with a large amount of VMs could use this flaw to cause the main nova process to block for an extended amount of time. • http://lists.openstack.org/pipermail/openstack-announce/2014-October/000301.html http://rhn.redhat.com/errata/RHSA-2015-0843.html http://rhn.redhat.com/errata/RHSA-2015-0844.html http://www.securityfocus.com/bid/70777 https://bugs.launchpad.net/nova/+bug/1358583 https://access.redhat.com/security/cve/CVE-2014-3708 https://bugzilla.redhat.com/show_bug.cgi?id=1154951 • CWE-399: Resource Management Errors CWE-400: Uncontrolled Resource Consumption •