CVE-2014-7821

2014-11-2415:59:02

CWE-20

CWE-399

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

AI Score

Confidence

High

EPSS

0.009

Percentile

83.0%

JSON

OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (crash) via a crafted dns_nameservers value in the DNS configuration.

Affected configurations

Nvd

Node

openstackneutronRange2012.2.1–2014.1.4

openstackneutronRange2014.2–2014.2.1

Node

fedoraprojectfedoraMatch20

Node

redhatopenstackMatch4.0

VendorProductVersionCPE
openstackneutron*cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
fedoraprojectfedora20cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
redhatopenstack4.0cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
openstack	neutron	*	cpe:2.3:a:openstack:neutron::::::::
fedoraproject	fedora	20	cpe:2.3:o:fedoraproject:fedora:20:::::::*
redhat	openstack	4.0	cpe:2.3:a:redhat:openstack:4.0:::::::*