Lucene search

PRIOn knowledge basePRION:CVE-2014-3632

HistoryOct 07, 2014 - 2:55 p.m.

Design/Logic Flaw

2014-10-0714:55:00

PRIOn knowledge base

www.prio-n.com

6.8 Medium

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

72.0%

JSON

The default configuration in a sudoers file in the Red Hat openstack-neutron package before 2014.1.2-4, as used in Red Hat Enterprise Linux Open Stack Platform 5.0 for Red Hat Enterprise Linux 6, allows remote attackers to gain privileges via a crafted configuration file. NOTE: this vulnerability exists because of a CVE-2013-6433 regression.

CPENameOperatorVersion
neutronge2014.1
neutronle2014.1.2

CPE	Name	Operator	Version
	neutron	ge	2014.1
	neutron	le	2014.1.2

References

rhn.redhat.com/errata/RHSA-2014-1339.html

6.8 Medium

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.004 Low

EPSS

Percentile

72.0%

JSON

Related for PRION:CVE-2014-3632