Thursday, August 31, 2017

IBM Security Bulletin: IBM PowerVC is impacted by OpenStack Compute denial of service vulnerability (CVE-2016-7498)

If an authenticated user deletes an instance while it is in resize state, it will cause the original instance to not be deleted from the compute node it was running on. An attacker can use this to launch a denial of service attack. All Nova setups are affected.

CVE(s): CVE-2016-7498

Affected product(s) and affected version(s):

PowerVC Standard Edition 1.3.1.x

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2iJI5jD
X-Force Database: http://ift.tt/2elF6ZI

The post IBM Security Bulletin: IBM PowerVC is impacted by OpenStack Compute denial of service vulnerability (CVE-2016-7498) appeared first on IBM PSIRT Blog.



from IBM Product Security Incident Response Team http://ift.tt/2iJI6UJ

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.