← Back

CVE-2014-9684

nvd nist
Published: Feb 24, 2015Modified: May 6, 2026

JSON object

Loading...
4.0
Vector
AV:N/AC:L/Au:S/C:N/I:N/A:P
Exploitability: 8.0 / Impact: 2.9
Source: NVD

Description

OpenStack Image Registry and Delivery Service (Glance) 2014.2 through 2014.2.2 does not properly remove images, which allows remote authenticated users to cause a denial of service (disk consumption) by creating a large number of images using the task v2 API and then deleting them before the uploads finish, a different vulnerability than CVE-2015-1881.

Affected (3)

Openstack
1 product
Image Registry And Delivery Service (glance)
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Openstack
Image Registry And Delivery Service (glance)
Version 2014.2.1
Image Registry And Delivery Service (glance)
Version 2014.2.2
Image Registry And Delivery Service (glance)
Version 2014.2

Related CWEs

CWE-399
CWE-399

References (8)

Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit

Timeline

No history available yet.