CVE-2013-4155

CWE-119Buffer Overflow11 documents8 sources
Severity
4.0MEDIUM
EPSS
1.0%
top 22.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Openstack Swift
Timeline
PublishedAug 20
Latest updateMay 17

Description

OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated users to cause a denial of service ("superfluous" tombstone consumption and Swift cluster slowdown) via a DELETE request with a timestamp that is older than expected.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 8.0 | Impact: 2.9

Affected Packages3 packages

NVDopenstack/swift1.9.0+23
PyPIswift< 1.9.1
Debianswift< 1.8.0-7+3

🔴Vulnerability Details

4
GHSA
OpenStack Swift allows authenticated users to cause a denial of service2022-05-17
OSV
OpenStack Swift allows authenticated users to cause a denial of service2022-05-17
OSV
CVE-2013-4155: OpenStack Swift before 12013-08-20
CVEList
CVE-2013-4155: OpenStack Swift before 12013-08-20

📋Vendor Advisories

3
Ubuntu
Swift vulnerability2013-10-23
Red Hat
OpenStack: Swift Denial of Service using superfluous object tombstones2013-08-07
Debian
CVE-2013-4155: swift - OpenStack Swift before 1.9.1 in Folsom, Grizzly, and Havana allows authenticated...2013

💬Community

3
Bugzilla
CVE-2013-4155 openstack-swift: OpenStack: Swift Denial of Service using superfluous object tombstones [epel-6]2013-08-07
Bugzilla
CVE-2013-4155 openstack-swift: OpenStack: Swift Denial of Service using superfluous object tombstones [fedora-all]2013-08-07
Bugzilla
CVE-2013-4155 OpenStack: Swift Denial of Service using superfluous object tombstones2013-08-03
CVE-2013-4155 (MEDIUM CVSS 4) | OpenStack Swift before 1.9.1 in Fol | cvebase.io