Miembros de
Boletines de Vulnerabilidades |
IBM Security Bulletin: IBM PowerVC – Keystone DoS through V3 API authentication chaining (CVE-2014-2828) |
|
Información sobre el sistema |
|
| Software afectado | IBM |
Descripción |
|
|
By sending a single request with the same authentication method multiple times, a remote attacker may generate unwanted load on the Keystone host, potentially resulting in a Denial of Service against a Keystone service. CVE(s): CVE-2014-2828 Affected product(s) and affected version(s): PowerVC Express Edition 1.2.0.0 through 1.2.0.2 PowerVC Standard Edition 1.2.0.0 through 1.2.0.2 Refer to the following reference URLs for remediation and additional vulnerability details: Source Bulletin: More info: https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_ibm_powervc_keystone_dos_through_v3_api_authentication_chaining_cve_2014_2828?lang=en_us |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2014-2828 ,CVE-2014-0075 ,CVE-2014-0099 ,CVE-2014-3087 ,CVE-2014-0050 ,CVE-2014-3500 ,CVE-2014-3501 and CVE-2014-3502. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2014-08-20 |