405 matches found
CVE-2014-0187
The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...
UBUNTU-CVE-2014-0187
The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...
PT-2014-3453 · Openstack · Openstack Neutron
Name of the Vulnerable Software and Affected Versions: OpenStack Neutron versions 2012.2 through 2013.2.2 Description: The issue allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command, due to the l3-agent not checking the...
UBUNTU-CVE-2014-0056
The l3-agent in OpenStack Neutron 2012.2 before 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command...
CVE-2013-6419
CVE-2013-6419 affects OpenStack Nova and Neutron. The vulnerability arises from an missing authorization check on the device ID bound to a port, allowing remote tenants to retrieve metadata by spoofing that device ID. Affected components include Nova’s api/metadata/handler.py and Neutron’s neutro...