403 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-40085
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a...
Linux Distros Unpatched Vulnerability : CVE-2023-3637
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an...
Security Bulletin: Improper Authorization in OpenStack Neutron Tagging Allows Unauthorized Network Tag Modification
Summary In OpenStack Neutron before 25.0.1, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. It does not apply the proper policy check for changing network tags. An unprivileged tenant is able to change add and clear tags on network objects that do not belong to th...
TencentOS Server 4: openstack-neutron (TSSA-2024:1085)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1085 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 4: openstack-neutron (TSSA-2024:1052)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1052 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
RHEL 6 : openstack-neutron (RHSA-2014:1078)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:1078 advisory. OpenStack Networking Neutron is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main functi...
Linux Distros Unpatched Vulnerability : CVE-2024-53916
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenStack Neutron before 25.0.1, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. It does not apply the proper policy check f...
Linux Distros Unpatched Vulnerability : CVE-2016-5362
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism...
Linux Distros Unpatched Vulnerability : CVE-2015-8914
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechani...
Linux Distros Unpatched Vulnerability : CVE-2016-5363
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism...
CVE-2024-53916
A flaw was found in OpenStack Neutron. The service tagging policy engine insufficiently verifies the parent resource or the upper parent resource project ID when checking the policies against the caller project ID...
CVE-2024-53916
In OpenStack Neutron before 25.0.1, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. It does not apply the proper policy check for changing network tags. An unprivileged tenant is able to change add and clear tags on network objects that do not belong to the tenant...
CVE-2024-53916
In OpenStack Neutron before 25.0.1, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. It does not apply the proper policy check for changing network tags. An unprivileged tenant is able to change add and clear tags on network objects that do not belong to the tenant...
CVE-2024-53916
In OpenStack Neutron before 25.0.1, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. It does not apply the proper policy check for changing network tags. An unprivileged tenant is able to change add and clear tags on network objects that do not belong to the tenant...
PT-2024-35973 · Openstack · Openstack Neutron
Name of the Vulnerable Software and Affected Versions: OpenStack Neutron versions 23 through 23.2.0 OpenStack Neutron versions 24 through 24.0.1 OpenStack Neutron versions 25 through 25.0.0 Description: The issue affects OpenStack Neutron, where the neutron/extensions/tagging.py can use an...
OpenStack Neutron 安全漏洞
OpenStack Neutron is an OpenStack project open-sourced by OpenStack and designed to provide services between interface devices managed by other OpenStack services. A security vulnerability exists in OpenStack Neutron version 25.0.0 and earlier versions, which stems from the fact that...
RHEL 7 : openstack-neutron (RHSA-2017:2447)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:2447 advisory. OpenStack Networking neutron is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main functi...
RHEL 7 : openstack-neutron (RHSA-2017:2449)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:2449 advisory. OpenStack Networking neutron is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main functi...
RHEL 7 : openstack-neutron (RHSA-2018:2715)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:2715 advisory. OpenStack Networking neutron is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main functi...
RHEL 6 : openstack-neutron (RHSA-2015:0044)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2015:0044 advisory. OpenStack Networking neutron is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main functi...