CVE-2013-2096
Severity Score
2.1
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service (host file system disk consumption) by creating an image with a large virtual size that does not contain a large amount of data.
Folsom, Grizzly y Havana de OpenStack Compute (Nova), no comprueba el tamaño virtual de una imagen QCOW2, lo que permite a los usuarios locales causar una denegación de servicio (consumo de disco del sistema de archivos host) creando una imagen con un gran tamaño virtual que sí, no contiene una gran cantidad de datos.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2013-02-19 CVE Reserved
- 2013-05-16 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
CAPEC
References (6)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/59924 | Vdb Entry | |
| https://review.openstack.org/#/c/28717 | X_refsource_confirm | |
| https://review.openstack.org/#/c/28901 | X_refsource_confirm | |
| https://review.openstack.org/#/c/29192 | X_refsource_confirm |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.openstack.org/pipermail/openstack-announce/2013-May/000102.html | 2014-01-08 | |
| http://www.ubuntu.com/usn/USN-1831-1 | 2014-01-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Openstack Search vendor "Openstack" | Folsom Search vendor "Openstack" for product "Folsom" | - | - |
Affected
| ||||||
| Openstack Search vendor "Openstack" | Grizzly Search vendor "Openstack" for product "Grizzly" | - | - |
Affected
| ||||||
| Openstack Search vendor "Openstack" | Havana Search vendor "Openstack" for product "Havana" | - | - |
Affected
| ||||||