CVE-2016-0737

Severity: 7.5 HIGH
EPSS: 5.8% (top 9.49%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline
Published: Jan 29
Latest update: May 17

Description

OpenStack Object Storage (Swift) before 2.4.0 does not properly close client connections, which allows remote attackers to cause a denial of service (proxy-server resource consumption) via a series of interrupted requests to a Large Object URL.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 3.6

Affected Packages (4 packages)

NVD: openstack/swift 2.3.0
PyPI: swift < 2.4.0
Debian: swift < 2.4.0-1+3
Ubuntu: swift < 1.13.1-0ubuntu1.5

🔴 Vulnerability Details (5)

OSV, 2022-05-17: OpenStack Object Storage (Swift) allows remote attackers to cause a denial of service
GHSA, 2022-05-17: OpenStack Object Storage (Swift) allows remote attackers to cause a denial of service
OSV, 2017-10-11: swift vulnerabilities
CVEList, 2016-01-29: CVE-2016-0737: OpenStack Object Storage (Swift) before 2
OSV, 2016-01-29: CVE-2016-0737: OpenStack Object Storage (Swift) before 2

📋 Vendor Advisories (3)

Ubuntu, 2017-10-11: OpenStack Swift vulnerabilities
Red Hat, 2016-01-20: openstack-swift: Client to proxy DoS through Large Objects
Debian, 2016: CVE-2016-0737: swift - OpenStack Object Storage (Swift) before 2.4.0 does not properly close client con...

💬 Community (2)

Bugzilla, 2016-01-21: CVE-2016-0737 openstack-swift: Client to proxy DoS through Large Objects [fedora-all]
Bugzilla, 2016-01-15: CVE-2016-0737 openstack-swift: Client to proxy DoS through Large Objects