CVE-2016-8611: Input Validation
First published: Tue Jul 31 2018(Updated: )
A vulnerability was found in Openstack Glance. No limits are enforced within the Glance image service for both v1 and v2 `/images` API POST method for authenticated users, resulting in possible denial of service attacks through database table saturation.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| OpenStack Glance |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2016-8611?
The severity of CVE-2016-8611 is medium with a CVSS score of 6.5.
What is the vulnerability description of CVE-2016-8611?
CVE-2016-8611 is a vulnerability found in Openstack Glance where no limits are enforced within the Glance image service, leading to possible denial of service attacks through database table saturation.
What software is affected by CVE-2016-8611?
OpenStack Glance is affected by CVE-2016-8611.
How can I fix CVE-2016-8611?
Update to the latest version of Openstack Glance and apply any patches or security updates provided by the vendor.
Where can I find more information about CVE-2016-8611?
You can find more information about CVE-2016-8611 at the following references: [Reference 1](http://seclists.org/oss-sec/2016/q4/266), [Reference 2](http://www.securityfocus.com/bid/94378), [Reference 3](http://www.securitytracker.com/id/1037312).
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/weakness
- agent/author
- agent/last-modified-date
- agent/severity
- agent/tags
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- vendor/openstack
- canonical/openstack glance