CVE-2014-8124

Openstack Horizon < 2014.1.3 - Denial of Service

Title source: rule

Description

OpenStack Dashboard (Horizon) before 2014.1.3 and 2014.2.x before 2014.2.1 does not properly handle session records when using a db or memcached session engine, which allows remote attackers to cause a denial of service via a large number of requests to the login page.

References (8)

Scores

EPSS 0.0097
EPSS Percentile 76.3%

Classification

CWE
CWE-400
Status draft

Affected Products (4)

openstack/horizon < 2014.1.3
fedoraproject/fedora
opensuse/opensuse
oracle/solaris

Timeline

Published Dec 12, 2014
Tracked Since Feb 18, 2026