OpenStack Glance 2014.2.x through 2014.2.1, 2014.1.3, and earlier allows remote authenticated users to bypass the storage quota and cause a denial of service (disk consumption) by deleting an image in the saving state.
Exploitability
AV:NAC:LAu:SImpact
C:NI:NA:P4/AV:N/AC:L/Au:S/C:N/I:N/A:P