
403 matches found

Veracode
added 2019/01/15 9:7 a.m., 23 views

Anti-Spoofing Controls Bypass

openstack-neutron is vulnerable to anti-spoofing controls bypass. Authenticated users using the ML2 plugin or the security groups AMQP API are able to set the device_owner field to an arbitrary value starting with "network:" on networks they do not own. Setting the affected field before the security...

CVSS 3.5 | AI score 6.1 | EPSS 0.00174
Exploits 0 | References 11 | Affected Software 1

Veracode
added 2019/01/15 9:7 a.m., 19 views

Denial Of Service (DoS)

openstack-neutron is vulnerable to denial of service (DoS) attacks. The vulnerability exists as OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding ...

CVSS 4 | AI score 5.6 | EPSS 0.14311
Exploits 0 | References 12 | Affected Software 1

Veracode
added 2019/01/15 9:3 a.m., 23 views

Denial Of Service (DoS)

openstack-neutron is vulnerable to denial of service (DoS) attacks. The vulnerability exists as OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (crash) via a crafted dns_nameservers value in the DNS configuration...

CVSS 4 | AI score 5.5 | EPSS 0.02174
Exploits 0 | References 17 | Affected Software 1

Veracode
added 2019/01/15 9:2 a.m., 18 views

Privilege Escalation

openstack-neutron is vulnerable to privilege escalation attacks. The vulnerability exists as it was discovered that unprivileged users could in some cases reset admin-only network attributes to their default values. This could lead to unexpected behavior or in some cases result in a denial of...

CVSS 4 | AI score 6.1 | EPSS 0.00573
Exploits 0 | References 26 | Affected Software 2

Veracode
added 2019/01/15 9:2 a.m., 22 views

Privilege Escalation

openstack-neutron is vulnerable to privilege escalation attacks. The vulnerability exists as the default configuration in a sudoers file in the Red Hat openstack-neutron package before 2014.1.2-4, as used in Red Hat Enterprise Linux Open Stack Platform 5.0 for Red Hat Enterprise Linux 6, allows...

CVSS 7.6 | AI score 6.6 | EPSS 0.01608
Exploits 0 | References 5 | Affected Software 1

Veracode
added 2019/01/15 9:1 a.m., 34 views

Privilege Escalation

openstack-neutron is vulnerable to privilege escalation attacks. The vulnerability exists as the default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows remote attackers to gain privileges via a crafted...

CVSS 7.6 | AI score 6.6 | EPSS 0.01608
Exploits 0 | References 23 | Affected Software 1

Veracode
added 2019/01/15 8:59 a.m., 27 views

Denial Of Service (DoS)

openstack-neutron is vulnerable to denial of service. There was no enforced quota on the amount of allowed address pairs, allowing a remote authenticated attacker to deplete system resources by creating a large number of allowed address pairs...

CVSS 4 | AI score 5.6 | EPSS 0.00875
Exploits 0 | References 15 | Affected Software 1

Veracode
added 2019/01/15 8:56 a.m., 21 views

Authorization Bypass

openstack-neutron is vulnerable to authorization bypass. An authenticated user is able to bypass security group restrictions with an invalid CIDR to add a security group rule which would cause the openvswitch-agent process to fail and prevent further rules from being applied...

CVSS 9 | AI score 5.9 | EPSS 0.00265
Exploits 0 | References 9 | Affected Software 1

IBM Security Bulletins
added 2018/12/12 9:40 a.m., 23 views

Security Bulletin: IBM Cloud Manager with OpenStack is affected by a vulnerability found in OpenStack Neutron (CVE-2017-7543)

Summary: A vFinder security vulnerability has been identified in OpenStack Neutron that is used by IBM Cloud Manager with OpenStack. IBM Cloud Manager with OpenStack has addressed the vulnerability. Vulnerability Details: CVEID: CVE-2017-7543. DESCRIPTION: OpenStack neutron could allow a remote...

CVSS 5.9 | AI score 1.4 | EPSS 0.00459
Exploits 0 | Affected Software 1

Veracode
added 2018/09/25 2:54 a.m., 23 views

Anti-Spoofing Controls Bypass

openstack-neutron is vulnerable to anti-spoofing controls bypass. Authenticated users using the ML2 plugin or the security groups AMQP API are able to set the device_owner field to an arbitrary value starting with "network:" on networks they do not own. Setting the affected field before the security...

CVSS 3.5 | AI score 6.1 | EPSS 0.00174
Exploits 0 | References 8 | Affected Software 1

RedHat Linux
added 2018/09/17 4:47 p.m., 4 views

openstack-neutron: A router interface out of subnet IP range results in a denial of service

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

CVSS 6.5 | AI score 5.8 | EPSS 0.00306
Exploits 0 | References 4

UbuntuCve
added 2018/09/10 7:29 p.m., 19 views

CVE-2018-14636

Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due ...

CVSS 5.3 | AI score 6.1 | EPSS 0.00203
Exploits 0 | References 1

OSV
added 2018/09/10 7:29 p.m., 3 views

UBUNTU-CVE-2018-14635

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

CVSS 6.5 | AI score 5.8 | EPSS 0.00306
Exploits 0 | References 2

OSV
added 2018/09/10 7:29 p.m., 1 view

DEBIAN-CVE-2018-14636

Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due ...

CVSS 5.3 | AI score 5.3 | EPSS 0.00203
Exploits 0 | References 1

OSV
added 2018/09/10 7:29 p.m., 24 views

PYSEC-2018-93

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

CVSS 6.5 | AI score 3.7 | EPSS 0.00306
Exploits 0 | References 8

PyPA
added 2018/09/10 7:29 p.m., 5 views

PYSEC-2018-93

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

CVSS 6.5 | AI score 6.6 | EPSS 0.00306
Exploits 0 | References 8 | Affected Software 1

UbuntuCve
added 2018/09/10 7:29 p.m., 21 views

CVE-2018-14635

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

CVSS 6.5 | AI score 6.6 | EPSS 0.00306
Exploits 0 | References 1

Prion
added 2018/09/10 7:29 p.m., 19 views

Design/Logic Flaw

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

CVSS 4 | AI score 6.3 | EPSS 0.00306
Exploits 0 | References 7 | Affected Software 2

OSV
added 2018/09/10 7:29 p.m., 35 views

PYSEC-2018-94

Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due ...

CVSS 5.3 | AI score 3.5 | EPSS 0.00203
Exploits 0 | References 4

OSV
added 2018/09/10 7:29 p.m., 21 views

CVE-2018-14636

Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due ...

CVSS 5.3 | AI score 5.3 | EPSS 0.00203
Exploits 0 | References 3