{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-09-16T00:00:00", "descriptions": [{"lang": "en", "value": "OpenStack Object Storage (Swift) before 2.2.0 allows remote authenticated users to bypass the max_meta_count and other metadata constraints via multiple crafted requests which exceed the limit when combined."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-07T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "SUSE-SU-2015:1846", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00025.html"}, {"name": "[oss-security] 20141008 Re: CVE request for vulnerability in OpenStack Swift", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2014/10/08/7"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.launchpad.net/swift/+bug/1365350"}, {"name": "RHSA-2015:1495", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1495.html"}, {"name": "RHSA-2015:0835", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0835.html"}, {"name": "openstack-swift-cve20147960-sec-bypass(96901)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96901"}, {"name": "[oss-security] 20141007 CVE request for vulnerability in OpenStack Swift", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2014/10/07/39"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"}, {"name": "USN-2704-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2704-1"}, {"name": "70279", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/70279"}, {"name": "RHSA-2015:0836", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0836.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2014-7960", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "OpenStack Object Storage (Swift) before 2.2.0 allows remote authenticated users to bypass the max_meta_count and other metadata constraints via multiple crafted requests which exceed the limit when combined."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "SUSE-SU-2015:1846", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00025.html"}, {"name": "[oss-security] 20141008 Re: CVE request for vulnerability in OpenStack Swift", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/10/08/7"}, {"name": "https://bugs.launchpad.net/swift/+bug/1365350", "refsource": "CONFIRM", "url": "https://bugs.launchpad.net/swift/+bug/1365350"}, {"name": "RHSA-2015:1495", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1495.html"}, {"name": "RHSA-2015:0835", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0835.html"}, {"name": "openstack-swift-cve20147960-sec-bypass(96901)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96901"}, {"name": "[oss-security] 20141007 CVE request for vulnerability in OpenStack Swift", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2014/10/07/39"}, {"name": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"}, {"name": "USN-2704-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2704-1"}, {"name": "70279", "refsource": "BID", "url": "http://www.securityfocus.com/bid/70279"}, {"name": "RHSA-2015:0836", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-0836.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T13:03:27.675Z"}, "title": "CVE Program Container", "references": [{"name": "SUSE-SU-2015:1846", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00025.html"}, {"name": "[oss-security] 20141008 Re: CVE request for vulnerability in OpenStack Swift", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2014/10/08/7"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugs.launchpad.net/swift/+bug/1365350"}, {"name": "RHSA-2015:1495", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1495.html"}, {"name": "RHSA-2015:0835", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0835.html"}, {"name": "openstack-swift-cve20147960-sec-bypass(96901)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96901"}, {"name": "[oss-security] 20141007 CVE request for vulnerability in OpenStack Swift", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2014/10/07/39"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"}, {"name": "USN-2704-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2704-1"}, {"name": "70279", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/70279"}, {"name": "RHSA-2015:0836", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-0836.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2014-7960", "datePublished": "2014-10-17T15:00:00", "dateReserved": "2014-10-07T00:00:00", "dateUpdated": "2024-08-06T13:03:27.675Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openstack:swift:*:*:*:*:*:*:*:*", "matchCriteriaId": "47DD32D7-6851-443D-B97D-A1E6D2E8CDB2", "versionEndIncluding": "2.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenStack Object Storage (Swift) before 2.2.0 allows remote authenticated users to bypass the max_meta_count and other metadata constraints via multiple crafted requests which exceed the limit when combined."}, {"lang": "es", "value": "OpenStack Object Storage (Swift) anterior a 2.2.0 permite a usuarios remotos autenticados evadir las restricciones max_meta_count y otros metadatos a trav\u00e9s de m\u00falitples peticiones manipuladas que exceden el l\u00edmite cuando \u00e9stas se combinan."}], "id": "CVE-2014-7960", "lastModified": "2017-09-08T01:29:18.497", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-10-17T15:55:06.713", "references": [{"source": "cve@mitre.org", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00025.html"}, {"source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2015-0835.html"}, {"source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2015-0836.html"}, {"source": "cve@mitre.org", "url": "http://rhn.redhat.com/errata/RHSA-2015-1495.html"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2014/10/07/39"}, {"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2014/10/08/7"}, {"source": "cve@mitre.org", "url": "http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html"}, {"source": "cve@mitre.org", "url": "http://www.securityfocus.com/bid/70279"}, {"source": "cve@mitre.org", "url": "http://www.ubuntu.com/usn/USN-2704-1"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://bugs.launchpad.net/swift/+bug/1365350"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/96901"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:2:client:el5", "package": "glusterfs-0:3.7.1-11.el5", "product_name": "Native Client for RHEL 5 for Red Hat Storage", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3:client:el6", "package": "glusterfs-0:3.7.1-11.el6", "product_name": "Native Client for RHEL 6 for Red Hat Storage", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:0836", "cpe": "cpe:/a:redhat:openstack:5::el6", "package": "openstack-swift-0:1.13.1-4.el6ost", "product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6", "release_date": "2015-04-16T00:00:00Z"}, {"advisory": "RHSA-2015:0835", "cpe": "cpe:/a:redhat:openstack:5::el7", "package": "openstack-swift-0:1.13.1-4.el7ost", "product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7", "release_date": "2015-04-16T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "augeas-0:1.0.0-10.el6", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "check-mk-0:1.2.6p1-3.el6rhs", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "clufter-0:0.11.2-1.el6", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "cluster-0:3.0.12.1-73.el6", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "clustermon-0:0.16.2-31.el6", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "corosync-0:1.4.7-2.el6", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "ctdb2.5-0:2.5.5-7.el6rhs", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "fence-virt-0:0.2.3-19.el6", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "glusterfs-0:3.7.1-11.el6rhs", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "gluster-nagios-addons-0:0.2.4-4.el6rhs", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "gluster-nagios-common-0:0.2.0-1.el6rhs", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "gstatus-0:0.64-3.1.el6rhs", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "libqb-0:0.17.1-1.el6", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "libtalloc-0:2.1.1-4.el6rhs", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "libvirt-0:0.10.2-54.el6", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "nagios-plugins-0:1.4.16-12.el6rhs", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "nagios-server-addons-0:0.2.1-4.el6rhs", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "nfs-ganesha-0:2.2.0-5.el6rhs", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "nrpe-0:2.15-4.1.el6rhs", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "openais-0:1.1.1-7.el6", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "openstack-swift-0:1.13.1-4.el6ost", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "pacemaker-0:1.1.12-8.el6", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "pcs-0:0.9.139-9.el6", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "pnp4nagios-0:0.6.22-2.1.el6rhs", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "pynag-0:0.9.1-1.el6rhs", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "python-blivet-1:1.0.0.2-1.el6rhs", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "python-cpopen-0:1.3-4.el6_5", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "python-eventlet-0:0.14.0-1.el6", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "python-greenlet-0:0.4.2-1.el6", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "python-keystoneclient-1:0.9.0-5.el6ost", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "python-prettytable-0:0.7.2-1.el6", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "python-pyudev-0:0.15-2.el6rhs", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "redhat-storage-logos-0:60.0.20-1.el6rhs", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "redhat-storage-server-0:3.1.0.3-1.el6rhs", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "resource-agents-0:3.9.5-24.el6", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "ricci-0:0.16.2-81.el6", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "userspace-rcu-0:0.7.9-2.el6rhs", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}, {"advisory": "RHSA-2015:1495", "cpe": "cpe:/a:redhat:storage:3.1:nfs:el6", "package": "vdsm-0:4.16.20-1.2.el6rhs", "product_name": "Red Hat Gluster Storage 3.1 for RHEL 6", "release_date": "2015-07-29T00:00:00Z"}], "bugzilla": {"description": "openstack-swift: Swift metadata constraints are not correctly enforced", "id": "1150461", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1150461"}, "csaw": false, "cvss": {"cvss_base_score": "4.0", "cvss_scoring_vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "status": "verified"}, "cwe": "CWE-400", "details": ["OpenStack Object Storage (Swift) before 2.2.0 allows remote authenticated users to bypass the max_meta_count and other metadata constraints via multiple crafted requests which exceed the limit when combined.", "A flaw was found in the metadata constraints in OpenStack Object Storage (swift). By adding metadata in several separate calls, a malicious user could bypass the max_meta_count constraint, and store more metadata than allowed by the configuration."], "name": "CVE-2014-7960", "package_state": [{"cpe": "cpe:/a:redhat:openstack:4", "fix_state": "Will not fix", "package_name": "openstack-swift", "product_name": "Red Hat OpenStack Platform 4"}], "public_date": "2014-09-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-7960\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-7960"], "threat_severity": "Moderate"}