Lucene search
K

405 matches found

Debian CVE
Debian CVE
added 2014/06/02 3:0 p.m.77 views

CVE-2013-6433

The default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows remote attackers to gain privileges via a crafted configuration file...

7.6CVSS6.5AI score0.03324EPSS
Exploits0
CVE
CVE
added 2014/06/02 3:0 p.m.92 views

CVE-2013-6433

The CVE-2013-6433 issue affects the Red Hat openstack-neutron package: its default configuration prior to 2013.2.3-7 does not properly set a rootwrap configuration file, enabling privilege escalation by an attacker via a crafted config. The impact is privilege escalation with network-exposed vect...

7.6CVSS6.6AI score0.03324EPSS
Exploits0References4Affected Software1
UbuntuCve
UbuntuCve
added 2014/06/02 12:0 a.m.27 views

CVE-2013-6433

The default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows remote attackers to gain privileges via a crafted configuration file...

7.6CVSS5.9AI score0.03324EPSS
Exploits0References5
OSV
OSV
added 2014/06/02 12:0 a.m.6 views

UBUNTU-CVE-2013-6433

The default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows remote attackers to gain privileges via a crafted configuration file...

7.6CVSS5.8AI score0.03324EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2014/06/02 12:0 a.m.21 views

Fedora Update for openstack-neutron FEDORA-2014-6520

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9CVSS6.5AI score0.02942EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2014/05/29 8:15 p.m.7 views

openstack-neutron: insufficient authorization checks when creating ports

The l3-agent in OpenStack Neutron 2012.2 before 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command...

2.1CVSS5.9AI score0.01433EPSS
Exploits0References4
NVD
NVD
added 2014/05/08 2:29 p.m.30 views

CVE-2014-0056

The l3-agent in OpenStack Neutron 2012.2 before 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command...

2.1CVSS6.2AI score0.01433EPSS
Exploits0References4
OSV
OSV
added 2014/05/08 2:29 p.m.16 views

CVE-2014-0056

The l3-agent in OpenStack Neutron 2012.2 before 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command...

6.1AI score
Exploits0References4
OSV
OSV
added 2014/05/08 2:29 p.m.4 views

DEBIAN-CVE-2014-0056

The l3-agent in OpenStack Neutron 2012.2 before 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command...

2.1CVSS6.9AI score0.01433EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2014/05/08 2:0 p.m.78 views

CVE-2014-0056

The l3-agent in OpenStack Neutron 2012.2 before 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command...

2.1CVSS6.2AI score0.01433EPSS
Exploits0
Cvelist
Cvelist
added 2014/05/08 2:0 p.m.27 views

CVE-2014-0056

The l3-agent in OpenStack Neutron 2012.2 before 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command...

6.1AI score0.01433EPSS
Exploits0References4
CVE
CVE
added 2014/05/08 2:0 p.m.86 views

CVE-2014-0056

CVE-2014-0056 affects OpenStack Neutron l3-agent (2012.2 before 2013.2.3). The issue: tenant-id not checked when creating ports, allowing remote authenticated users to connect ports to the routers of arbitrary tenants via the device-id in a port-create command. CVSSv2 base score 2.1 (LOW), attack...

2.1CVSS6.2AI score0.01433EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2014/05/07 12:0 a.m.76 views

[USN-2194-1] OpenStack Neutron vulnerability

========================================================================== Ubuntu Security Notice USN-2194-1 May 05, 2014 neutron vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubunt...

2.1CVSS0.5AI score0.01433EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/05/06 12:0 a.m.23 views

Ubuntu 13.10 : neutron vulnerability (USN-2194-1)

Aaron Rosen discovered that OpenStack Neutron did not properly perform authorization checks when creating ports when using plugins relying on the l3-agent. A remote authenticated attacker could exploit this to access the network of other tenants. Note that Tenable Network Security has extracted t...

2.1CVSS5.5AI score0.01433EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2014/05/05 8:54 p.m.59 views

USN-2194-1: OpenStack Neutron vulnerability

Aaron Rosen discovered that OpenStack Neutron did not properly perform authorization checks when creating ports when using plugins relying on the l3-agent. A remote authenticated attacker could exploit this to access the network of other tenants...

2.1CVSS5.4AI score0.01433EPSS
Exploits0
OSV
OSV
added 2014/04/28 2:9 p.m.3 views

DEBIAN-CVE-2014-0187

The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...

9CVSS6.4AI score0.02942EPSS
Exploits0References1
NVD
NVD
added 2014/04/28 2:9 p.m.18 views

CVE-2014-0187

The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...

9CVSS6.1AI score0.02942EPSS
Exploits0References5
OSV
OSV
added 2014/04/28 2:9 p.m.6 views

CVE-2014-0187

The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...

6AI score
Exploits0References5
Prion
Prion
added 2014/04/28 2:9 p.m.23 views

Security feature bypass

The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...

9CVSS6.6AI score0.02942EPSS
Exploits0References5Affected Software3
CVE
CVE
added 2014/04/28 2:0 p.m.75 views

CVE-2014-0187

CVE-2014-0187 affects OpenStack Neutron where openvswitch-agent could bypass security group rules by using an invalid CIDR in a security group rule, preventing subsequent rules from applying. The issue affected OpenStack Neutron releases prior to 2013.2.4 (and 2014.1 prior to 2014.1.1); multiple ...

9CVSS6.1AI score0.02942EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder