[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

249622

 
 

909

 
 

195521

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2014-8750Date: (C)2014-10-16   (M)2023-12-22


Race condition in the VMware driver in OpenStack Compute (Nova) before 2014.1.4 and 2014.2 before 2014.2rc1 allows remote authenticated users to access unintended consoles by spawning an instance that triggers the same VNC port to be allocated to two different instances.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 6.5
Exploit Score: 8.0
Impact Score: 6.4
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: SINGLE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: PARTIAL
  
Reference:
SECUNIA-60227
BID-70182
RHSA-2014:1689
RHSA-2014:1781
RHSA-2014:1782
http://lists.openstack.org/pipermail/openstack-announce/2014-October/000293.html
http://www.openwall.com/lists/oss-security/2014/10/14/9
https://bugs.launchpad.net/nova/+bug/1357372

CWE    1
CWE-362

© SecPod Technologies