Lucene search
RedhatCVE-2014-0071HistoryApr 17, 2014 - 2:55 p.m.
CVE-2014-0071
2014-04-1714:55:06
CWE-264
redhat
web.nvd.nist.gov
35
packstack
red hat
openstack 4.0
security groups
neutron
bypass
unauthorized connections
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
AI Score
6.9
Confidence
Low
EPSS
0.003
Percentile
65.3%
PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections.
Affected configurations
Node
redhatopenstackMatch4.0
Related
prion
prion
Design/Logic Flaw
2014-04-17 14:55:00
debiancve
debiancve
CVE-2014-0071
2014-04-17 14:55:06
nvd
nvd
CVE-2014-0071
2014-04-17 14:55:06
cvelist
cvelist
CVE-2014-0071
2014-04-17 14:00:00
ubuntucve
ubuntucve
CVE-2014-0071
2014-04-17 00:00:00
redhat
redhat
(RHSA-2014:0233) Important: openstack-packstack security and bug fix update
2014-03-04 00:00:00
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
AI Score
6.9
Confidence
Low
EPSS
0.003
Percentile
65.3%
Related for CVE-2014-0071