Vulnerability Database

308,485

Total vulnerabilities in the database

CVE-2014-2573

The VMWare driver in OpenStack Compute (Nova) 2013.2 through 2013.2.2 does not properly put VMs into RESCUE status, which allows remote authenticated users to bypass the quota limit and cause a denial of service (resource consumption) by requesting the VM be put into rescue and then deleting the image.

Published: Mar 25, 2014
Updated: Nov 9, 2025
CVE: CVE-2014-2573
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.3
AV:A/AC:M/Au:S/C:N/I:N/A:P

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
openstack / compute	2013.2.2	2013.2.2.x
openstack / compute	2013.2.1	2013.2.1.x
openstack / compute	2013.2	2013.2.x

http://secunia.com/advisories/57498
http://www.openwall.com/lists/oss-security/2014/03/21/1
http://www.openwall.com/lists/oss-security/2014/03/21/2
https://bugs.launchpad.net/nova/+bug/1269418

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo