OpenStack Compute (Nova) Resource limit circumvention in Nova private flavors

Description

The "create an instance" API in OpenStack Compute (Nova) Folsom, Grizzly, and Havana does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to boot arbitrary flavors by guessing the flavor id. NOTE: this issue is due to an incomplete fix for CVE-2013-2256.

Basic information

Type
reviewed
Severity
low
Advisory on GitHub
Open advisory ↗
Repository advisory
Source code
Browse source ↗
Published (advisory)
2022-05-17 05:04:20 UTC
Updated
2024-05-14 21:27:16 UTC
GitHub reviewed
2024-05-14 21:27:13 UTC
NVD published
2013-09-16

EPSS Score

Score Percentile
0.20% 42.49%

CVSS Scores

No CVSS scores in this advisory.

Identifiers

Affected packages (1)

Vulnerable version ranges and first patched releases as published by GitHub.

Ecosystem Package Vulnerable range First patched Vulnerable functions
pip nova < 12.0.0a0 12.0.0a0

References

cvelogic Threat Intelligence