Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The (1) backup (api/contrib/backups.py) and (2) volume transfer (contrib/volume_transfer.py) APIs in OpenStack Cinder Grizzly 2013.1.3 and earlier allows remote attackers to cause a denial of service (resource consumption and crash) via an XML Entity Expansion (XEE) attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenStack 资源管理错误漏洞
Vulnerability Description
OpenStack是美国美国国家航空航天局(NASA)的一个云平台管理项目。 OpenStack Cinder Grizzly 2013.1.3及之前的版本存在资源管理错误漏洞,远程攻击者可通过XML Entity Expansion (XEE)攻击利用该漏洞导致拒绝服务(资源消耗和程序崩溃)。
CVSS Information
N/A
Vulnerability Type
N/A