Miggo Logo
Miggo Vulnerability Database
CVE-2014-2573

CVE-2014-2573:
OpenStack Nova VMWare driver leaks rescued images

6.5

CVSS Score
3.1

Basic Information

CVE ID
CVE-2014-2573
GHSA ID
GHSA-jv34-xvjq-ppch
EPSS Score
0.29577%
CWE
CWE-770
Published
5/17/2022
Updated
11/26/2024
KEV Status
No
Technology
TechnologyPython

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
novapip< 12.0.0a012.0.0a0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from two key issues in the VMware driver:

  1. The original destroy() method in vmops.py did not handle rescue instances. The patch splits it into _destroy_instance() and adds logic to check vm_state==RESCUED, then call unrescue(power_on=False).
  2. The unrescue() method previously always powered on the original VM. The patch adds a power_on parameter to avoid this during deletion. Without this, unrescue() couldn't properly clean up rescue instances when the parent VM was being deleted. The commit diff shows these functions were modified to address the resource leak, confirming their role in the vulnerability.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

T** VMW*r* *riv*r in Op*nSt**k *omput* (Nov*) ****.* t*rou** ****.*.* *o*s not prop*rly put VMs into R*S*U* st*tus, w*i** *llows r*mot* *ut**nti**t** us*rs to *yp*ss t** quot* limit *n* **us* * **ni*l o* s*rvi** (r*sour** *onsumption) *y r*qu*stin* t

Reasoning

T** vuln*r**ility st*ms *rom two k*y issu*s in t** VMw*r* *riv*r: *. T** ori*in*l **stroy() m*t*o* in vmops.py *i* not **n*l* r*s*u* inst*n**s. T** p*t** splits it into _**stroy_inst*n**() *n* ***s lo*i* to ****k vm_st*t*==R*S*U**, t**n **ll unr*s*u*