The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to boot arbitrary flavors by guessing the flavor id. NOTE: this issue is due to an incomplete fix for CVE-2013-2256.
El API "create instance" en OpenStack Compute (Nova) Folsom, Grizzly, y Havana no fuerza apropiadamente la propiedad os-flavor-access:is_public, lo que permite a usuarios remotos autenticados arrancar una versión arbitraria advinando el id de versión. NOTA: este problema es debido a una correción incompleta de CVE-2013-2256.
It was discovered that Nova did not properly enforce the is_public property when determining flavor access. An authenticated attacker could exploit this to obtain sensitive information in private flavors. This issue only affected Ubuntu 12.10 and 13.10. Grant Murphy discovered that Nova would allow XML entity processing. A remote unauthenticated attacker could exploit this using the Nova API to cause a denial of service via resource exhaustion. This issue only affected Ubuntu 13.10. Various other issues were also addressed.
