Lucene search

[email protected]CVE-2014-7821

HistoryNov 24, 2014 - 3:59 p.m.

CVE-2014-7821

2014-11-2415:59:02

CWE-399

CWE-20

[email protected]

web.nvd.nist.gov

cve-2014-7821

openstack

neutron

denial of service

crash

dns configuration

nvd

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.1 Medium

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

84.0%

JSON

OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (crash) via a crafted dns_nameservers value in the DNS configuration.

Affected configurations

NVD

Node

openstackneutronRange2012.2.1–2014.1.4

openstackneutronRange2014.2–2014.2.1

Node

fedoraprojectfedoraMatch20

Node

redhatopenstackMatch4.0

CPENameOperatorVersion
openstack:neutronopenstack neutronlt2014.1.4
openstack:neutronopenstack neutronlt2014.2.1

CPE	Name	Operator	Version
openstack:neutron	openstack neutron	lt	2014.1.4
openstack:neutron	openstack neutron	lt	2014.2.1

References

lists.fedoraproject.org/pipermail/package-announce/2015-April/155351.html

lists.openstack.org/pipermail/openstack-announce/2014-November/000303.html

rhn.redhat.com/errata/RHSA-2014-1938.html

rhn.redhat.com/errata/RHSA-2014-1942.html

rhn.redhat.com/errata/RHSA-2015-0044.html

secunia.com/advisories/62586

www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

bugs.launchpad.net/neutron/+bug/1378450

exchange.xforce.ibmcloud.com/vulnerabilities/98818

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

6.1 Medium

AI Score

Confidence

Low

0.01 Low

EPSS

Percentile

84.0%

JSON

Related for CVE-2014-7821

redhat3 fedora1 ubuntucve1 prion1 veracode1 nvd1 nessus1 debiancve1 openvas1 cvelist1