CVE-2014-8124 — Uncontrolled Resource Consumption in Horizon
Severity
5.0MEDIUMNVD
EPSS
0.8%
top 25.43%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 12
Latest updateMay 13
Description
OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests to the login page.
CVSS vector
AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9
Affected Packages3 packages
Also affects: Fedora 21