VYPR
Moderate severityNVD Advisory· Published Aug 7, 2014· Updated Jun 17, 2026

CVE-2014-3517

CVE-2014-3517

Description

api/metadata/handler.py in OpenStack Compute (Nova) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying metadata requests through Neutron, makes it easier for remote attackers to guess instance ID signatures via a brute-force attack that relies on timing differences in responses to instance metadata requests.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
novaPyPI
< 2013.2.42013.2.4
novaPyPI
>= 2014.0.0, < 2014.1.22014.1.2

Affected products

4

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.