CVE-2012-1585

CWE-39911 documents7 sources

Severity

4.0MEDIUM

EPSS

0.5%

top 35.19%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openstack Nova

Timeline

PublishedAug 17

Latest updateMay 14

Description

OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 8.0 | Impact: 2.9

Affected Packages3 packages

▶NVDopenstack/nova2011.1 — 2011.3

▶PyPInova< 12.0.0a0

▶Debiannova< 2012-1~rc3-1+3

🔴Vulnerability Details

GHSA

OpenStack Nova Long server names grow nova-api log files significantly↗2022-05-14

▶

OSV

OpenStack Nova Long server names grow nova-api log files significantly↗2022-05-14

▶

CVEList

CVE-2012-1585: OpenStack Compute (Nova) Essex before 2011↗2012-08-17

▶

OSV

CVE-2012-1585: OpenStack Compute (Nova) Essex before 2011↗2012-08-17

▶

📋Vendor Advisories

Ubuntu

Nova vulnerability↗2012-03-29

▶

Debian

CVE-2012-1585: nova - OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users t...↗2012

▶

💬Community

Bugzilla

CVE-2012-1585 openstack-nova: Long server names grow nova-api log files significantly [fedora-16]↗2012-03-29

▶

Bugzilla

CVE-2012-1585 openstack-nova: Long server names grow nova-api log files significantly [epel-6]↗2012-03-29

▶

Bugzilla

CVE-2012-1585 openstack-nova: Long server names grow nova-api log files significantly [fedora-17]↗2012-03-29

▶

Bugzilla

CVE-2012-1585 openstack-nova: Long server names grow nova-api log files significantly↗2012-03-29

▶