Home

CVE-2014-7960

Description

OpenStack Object Storage (Swift) before 2.2.0 allows remote authenticated users to bypass the max_meta_count and other metadata constraints via multiple crafted requests which exceed the limit when combined.

Risk Information

Base Score
8.6
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C
EPSS Score
Exploitation Probability
0.297

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2014-7960 are fixed in Python-swift 2.2.0Windows
OpenStack distributed virtual object store (USN-2704-1) swift_2.2.2-0ubuntu1.3_all.debLinux
OpenStack distributed virtual object store (USN-2704-1) swift_1.13.1-0ubuntu1.2_all.debLinux
(RHSA-2015:1495) Important: Red Hat Gluster Storage 3.1 update glusterfs-3.7.1-11.el5.x86_64.rpmLinux
(RHSA-2015:1495) Important: Red Hat Gluster Storage 3.1 update glusterfs-api-3.7.1-11.el5.x86_64.rpmLinux
(RHSA-2015:1495) Important: Red Hat Gluster Storage 3.1 update glusterfs-api-devel-3.7.1-11.el5.x86_64.rpmLinux
(RHSA-2015:1495) Important: Red Hat Gluster Storage 3.1 update glusterfs-cli-3.7.1-11.el5.x86_64.rpmLinux
(RHSA-2015:1495) Important: Red Hat Gluster Storage 3.1 update glusterfs-client-xlators-3.7.1-11.el5.x86_64.rpmLinux
(RHSA-2015:1495) Important: Red Hat Gluster Storage 3.1 update glusterfs-devel-3.7.1-11.el5.x86_64.rpmLinux
(RHSA-2015:1495) Important: Red Hat Gluster Storage 3.1 update glusterfs-fuse-3.7.1-11.el5.x86_64.rpmLinux
(RHSA-2015:1495) Important: Red Hat Gluster Storage 3.1 update glusterfs-libs-3.7.1-11.el5.x86_64.rpmLinux
(RHSA-2015:1495) Important: Red Hat Gluster Storage 3.1 update glusterfs-rdma-3.7.1-11.el5.x86_64.rpmLinux
(RHSA-2015:1495) Important: Red Hat Gluster Storage 3.1 update python-gluster-3.7.1-11.el5.x86_64.rpmLinux
Vulnerabilities CVE-2014-7960 are fixed in Python-swift for linux 2.2.0Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234