OpenStack Compute (Nova) Grizzly, Folsom (2012.2), and Essex (2012.1) does not properly implement a quota for fixed IPs, which allows remote authenticated users to cause a denial of service (resource exhaustion and failure to spawn new instances) via a large number of calls to the addFixedIp function.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Essex | Openstack | 2012.1 | 2012.1 |
Folsom | Openstack | 2012.2 | 2012.2 |
Grizzly | Openstack | 2012.2 | 2012.2 |