CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
EPSS
Percentile
92.1%
The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked router update processing) by creating eight routers and assigning an ipv6 non-provider subnet to each.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | neutron | < 2:21.0.0-7 | neutron_2:21.0.0-7_all.deb |
Debian | 11 | all | neutron | < 2:17.2.1-0+deb11u1 | neutron_2:17.2.1-0+deb11u1_all.deb |
Debian | 999 | all | neutron | < 2:25.0.0~rc2-1 | neutron_2:25.0.0~rc2-1_all.deb |
Debian | 13 | all | neutron | < 2:25.0.0~rc1-2 | neutron_2:25.0.0~rc1-2_all.deb |