NVD

Id
35341  
Name
CVE-2014-8124  
Description
OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests to the login page.  
Reject
 
CVSS Version
2  
CVSS Score
4.3  
Severity
Medium  
CVSS Base Score
4.3  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:N/I:N/A:P)  
Pub Date
2017-01-19  
Published
2014-12-12  
Modified Date
2016-10-25  
Seq
2014-8124  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
181038 35341 CVE-2014-8124 FEDORA-2014-17177  View
181039 35341 CVE-2014-8124 [openstack-announce] 20141209 [OSSA 2014-040] Horizon denial of service attack through login page (CVE-2014-8124)  View
181040 35341 CVE-2014-8124 openSUSE-SU-2015:0078  View
181041 35341 CVE-2014-8124 RHSA-2015:0839  View
181042 35341 CVE-2014-8124 RHSA-2015:0845  View
181043 35341 CVE-2014-8124 http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html  View
181044 35341 CVE-2014-8124 https://bugs.launchpad.net/horizon/+bug/1394370  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
17120 JVNDB-2014-005995 OpenStack Dashboard におけるサービス運用妨害 (DoS) の脆弱性 OpenStack Dashboard (Horizon) は、データベースまたは memcached セッションエンジンを使用する場合、セッションレコードを適切に処理しないため、サービス運用妨害 (DoS) 状態にされる脆弱性が存在します。 CVE-2014-8124 75417 CVE-2014-8124 35341 4.3 http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-005995.html 2014-11-20 2015-06-04 View