CVE-2014-8333

Published: Oct 31, 2014Modified: May 6, 2026

4.0

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:P

Exploitability: 8.0 / Impact: 2.9

Source: NVD

Description

The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state.

Affected (2)

Products: Redhat: Openstack · Openstack: Nova

Redhat

1 product

Openstack

1 product

Nova

Configuration A

1 vulnerable · 2 platform

Vulnerable Software	Affected Versions
Redhat Openstack	Version 5.0

Running on/with	Platform Versions
Redhat Enterprise Linux	Version 6.0
Redhat Enterprise Linux	Version 7.0

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Openstack Nova	From 2014.1 to 2014.1.4

Related CWEs

CWE-399

References (10)

http://lists.openstack.org/pipermail/openstack-announce/2014-October/000298.html

Source: cve@mitre.org

PatchVendor Advisory

http://rhn.redhat.com/errata/RHSA-2015-0843.html

Source: cve@mitre.org

Third Party Advisory

http://rhn.redhat.com/errata/RHSA-2015-0844.html

Source: cve@mitre.org

Third Party Advisory

http://secunia.com/advisories/60531

Source: cve@mitre.org

Permissions RequiredThird Party Advisory

https://bugs.launchpad.net/nova/+bug/1359138

Source: cve@mitre.org

Issue TrackingThird Party Advisory

http://lists.openstack.org/pipermail/openstack-announce/2014-October/000298.html