CVE-2016-8611
HP Security Bulletin HPSBGN03676 1
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.
Se ha encontrado una vulnerabilidad en Openstack Glance. No se aplican límites en el servicio de imagen Glance para las v1 y v2 del método POST de la API "/images" para usuarios autenticados. Esto resulta en posibles ataques de denegación de servicio (DoS) mediante la saturación de la tabla de la base de datos.
A potential security vulnerability has been identified with HPE Helion OpenStack Glance image service. This vulnerability could be exploited remotely to allow a Denial of Service (DoS). Revision 1 of this advisory.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-10-12 CVE Reserved
- 2016-11-16 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-400: Uncontrolled Resource Consumption
CAPEC
References (5)
| URL | Tag | Source |
|---|---|---|
| http://seclists.org/oss-sec/2016/q4/266 | Mailing List |
|
| http://www.securityfocus.com/bid/94378 | Third Party Advisory | |
| http://www.securitytracker.com/id/1037312 | Third Party Advisory | |
| https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8611 | Issue Tracking |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05333384 | 2023-02-12 |