CVE-2014-8333

Name: CVE-2014-8333
Creator: NVD / NIST
Published: 2014-10-31T14:55:07.907+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 2.01%

Last modified Jun 17, 2026

CVE-2014-8333 is a vulnerability of currently unknown severity. The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state.. EPSS estimates a 2.01% chance of exploitation in the next 30 days.

Description

The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state.

Metrics

EPSS Probability

2.01%

78.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-399

Affected Software

Vendor	Product	Versions
Redhat	Openstack	5.0
Openstack	Nova	>= 2014.1, < 2014.1.4

References

http://lists.openstack.org/pipermail/openstack-announce/2014-October/000298.htmlPatch, Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-0843.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-0844.htmlThird Party Advisory
http://secunia.com/advisories/60531Permissions Required, Third Party Advisory
https://bugs.launchpad.net/nova/+bug/1359138Issue Tracking, Third Party Advisory
http://lists.openstack.org/pipermail/openstack-announce/2014-October/000298.htmlPatch, Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-0843.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-0844.htmlThird Party Advisory
http://secunia.com/advisories/60531Permissions Required, Third Party Advisory
https://bugs.launchpad.net/nova/+bug/1359138Issue Tracking, Third Party Advisory

Timeline

Published: Oct 31, 2014
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2014-8333?

The VMware driver in OpenStack Compute (Nova) before 2014.1.4 allows remote authenticated users to cause a denial of service (disk consumption) by deleting an instance in the resize state.

How severe is CVE-2014-8333?

Severity scoring for CVE-2014-8333 is pending analysis. The EPSS model estimates a 2.01% probability of exploitation in the next 30 days.

How do I fix CVE-2014-8333?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2014-8333?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST