{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-09-05T00:00:00", "descriptions": [{"lang": "en", "value": "The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2015-04-28T16:57:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "60531", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/60531"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.launchpad.net/nova/+bug/1359138"}, {"name": "RHSA-2015:0844", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0844.html"}, {"name": "[openstack-announce] 20141021 [OSSA 2014-037] Nova VMware instance in resize state may leak (CVE-2014-8333)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.openstack.org/pipermail/openstack-announce/2014-October/000298.html"}, {"name": "RHSA-2015:0843", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0843.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-8333", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "60531", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60531"}, {"name": "https://bugs.launchpad.net/nova/+bug/1359138", "refsource": "CONFIRM", "url": "https://bugs.launchpad.net/nova/+bug/1359138"}, {"name": "RHSA-2015:0844", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0844.html"}, {"name": "[openstack-announce] 20141021 [OSSA 2014-037] Nova VMware instance in resize state may leak (CVE-2014-8333)", "refsource": "MLIST", "url": "http://lists.openstack.org/pipermail/openstack-announce/2014-October/000298.html"}, {"name": "RHSA-2015:0843", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0843.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T13:18:46.441Z"}, "title": "CVE Program Container", "references": [{"name": "60531", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/60531"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.launchpad.net/nova/+bug/1359138"}, {"name": "RHSA-2015:0844", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0844.html"}, {"name": "[openstack-announce] 20141021 [OSSA 2014-037] Nova VMware instance in resize state may leak (CVE-2014-8333)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.openstack.org/pipermail/openstack-announce/2014-October/000298.html"}, {"name": "RHSA-2015:0843", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0843.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-8333", "datePublished": "2014-10-31T14:00:00", "dateReserved": "2014-10-20T00:00:00", "dateUpdated": "2024-08-06T13:18:46.441Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openstack:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "B152EDF3-3140-4343-802F-F4F1C329F5C3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": false}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*", "matchCriteriaId": "434482D6-5DD1-456D-BDB4-3B6CF5DB20E8", "versionEndExcluding": "2014.1.4", "versionStartIncluding": "2014.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state."}, {"lang": "es", "value": "El controlador VMware en OpenStack Compute (Nova) anterior a 2014.1.4 permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (consumo de disco) mediante la eliminaci\u00f3n de un instancia en el estado resize."}], "id": "CVE-2014-8333", "lastModified": "2024-11-21T02:18:53.477", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-10-31T14:55:07.907", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.openstack.org/pipermail/openstack-announce/2014-October/000298.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0843.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0844.html"}, {"source": "cve@mitre.org", "tags": ["Permissions Required", "Third Party Advisory"], "url": "http://secunia.com/advisories/60531"}, {"source": "cve@mitre.org", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugs.launchpad.net/nova/+bug/1359138"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://lists.openstack.org/pipermail/openstack-announce/2014-October/000298.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0843.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0844.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Permissions Required", "Third Party Advisory"], "url": "http://secunia.com/advisories/60531"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugs.launchpad.net/nova/+bug/1359138"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2015:0844", "cpe": "cpe:/a:redhat:openstack:5::el6", "package": "openstack-nova-0:2014.1.4-3.el6ost", "product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6", "release_date": "2015-04-16T00:00:00Z"}, {"advisory": "RHSA-2015:0843", "cpe": "cpe:/a:redhat:openstack:5::el7", "package": "openstack-nova-0:2014.1.4-3.el7ost", "product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7", "release_date": "2015-04-16T00:00:00Z"}], "bugzilla": {"description": "openstack-nova: Nova VMware instance in resize state may leak", "id": "1154890", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1154890"}, "csaw": false, "cvss": {"cvss_base_score": "4.0", "cvss_scoring_vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "status": "verified"}, "cwe": "CWE-772", "details": ["The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state.", "A flaw was found in the OpenStack Compute (nova) VMWare driver, which could allow an authenticated user to delete an instance while it was in the resize state, causing the instance to remain on the back end. A malicious user could use this flaw to cause a denial of service by exhausting all available resources on the system."], "name": "CVE-2014-8333", "package_state": [{"cpe": "cpe:/a:redhat:openstack:4", "fix_state": "Will not fix", "package_name": "openstack-nova", "product_name": "Red Hat OpenStack Platform 4"}], "public_date": "2014-08-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-8333\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-8333"], "threat_severity": "Moderate"}