CVE-2016-8611
Severity Score
6.5
*CVSS v3
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.
Se ha encontrado una vulnerabilidad en Openstack Glance. No se aplican límites en el servicio de imagen Glance para las v1 y v2 del método POST de la API "/images" para usuarios autenticados. Esto resulta en posibles ataques de denegación de servicio (DoS) mediante la saturación de la tabla de la base de datos.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2016-10-12 CVE Reserved
- 2016-11-16 CVE Published
- 2023-12-22 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-400: Uncontrolled Resource Consumption
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://seclists.org/oss-sec/2016/q4/266 | Mailing List |
|
| http://www.securityfocus.com/bid/94378 | Third Party Advisory | |
| http://www.securitytracker.com/id/1037312 | Third Party Advisory | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8611 | Issue Tracking |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05333384 | 2023-02-12 |