CVE-2014-3517

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2014-3517
api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying metadata requests through Neutron, makes it easier for remote attackers to guess instance ID signatures via a brute-force attack that relies on timing differences in responses to instance metadata requests.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
http://www.openwall.com/lists/oss-security/2014/07/17/2 Patch Third Party Advisory
https://bugs.launchpad.net/nova/+bug/1325128 Third Party Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:*:*:*:*:*:*:*:*
cpe:2.3:a:openstack:nova:2014.2.0:milestone1:*:*:*:*:*:*
History

13 Feb 2023, 00:40

Type Values Removed Values Added
References
  • {'url': 'https://bugzilla.redhat.com/show_bug.cgi?id=1112499', 'name': 'https://bugzilla.redhat.com/show_bug.cgi?id=1112499', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/errata/RHSA-2014:0940', 'name': 'https://access.redhat.com/errata/RHSA-2014:0940', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/errata/RHSA-2014:1084', 'name': 'https://access.redhat.com/errata/RHSA-2014:1084', 'tags': [], 'refsource': 'MISC'}
  • {'url': 'https://access.redhat.com/security/cve/CVE-2014-3517', 'name': 'https://access.redhat.com/security/cve/CVE-2014-3517', 'tags': [], 'refsource': 'MISC'}
Summary A side-channel timing attack flaw was found in Nova. An attacker could possibly use this flaw to guess valid instance ID signatures, giving them access to details of another instance, by analyzing the response times of requests for instance metadata. This issue only affected configurations that proxy metadata requests via Neutron. api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying metadata requests through Neutron, makes it easier for remote attackers to guess instance ID signatures via a brute-force attack that relies on timing differences in responses to instance metadata requests.

02 Feb 2023, 20:17

Type Values Removed Values Added
Summary api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying metadata requests through Neutron, makes it easier for remote attackers to guess instance ID signatures via a brute-force attack that relies on timing differences in responses to instance metadata requests. A side-channel timing attack flaw was found in Nova. An attacker could possibly use this flaw to guess valid instance ID signatures, giving them access to details of another instance, by analyzing the response times of requests for instance metadata. This issue only affected configurations that proxy metadata requests via Neutron.
References
  • (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=1112499 -
  • (MISC) https://access.redhat.com/errata/RHSA-2014:0940 -
  • (MISC) https://access.redhat.com/errata/RHSA-2014:1084 -
  • (MISC) https://access.redhat.com/security/cve/CVE-2014-3517 -
Information

Published : 2014-08-07 11:13

Updated : 2023-12-10 11:31

NVD link : CVE-2014-3517

Mitre link : CVE-2014-3517

CVE.ORG link : CVE-2014-3517

JSON object : View

Products Affected

openstack

  • nova
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor