suse · CVE-2014-8750

Quick triage

Priority: medium Published: 2021-05-30 13:24:20 UTC Updated: 2023-05-17 00:49:59 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2014-8750 severity moderate: SUSE including 28 source package names (openstack-nova-12.0.2~a0~dev18-1.3, openstack-nova-2014.1.4.dev49-0.7.1, …), 28 product×package rows across 2 product lines (SUSE OpenStack Cloud 4, SUSE OpenStack Cloud 6): Fixed 28.

Description:

Race condition in the VMware driver in OpenStack Compute (Nova) before 2014.1.4 and 2014.2 before 2014.2rc1 allows remote authenticated users to access unintended consoles by spawning an instance that triggers the same VNC port to be allocated to two different instances.

cvelogic Threat Intelligence