4 matches found
CVE-2026-50266
OpenStack Neutron before 28.0.1 is affected. A port on a shared network owned by another project can be created or updated by a project manager with device_owner starting with a network: prefix (e.g., network:dhcp). The default RBAC policies did not require network ownership, allowing access to t...
SUSE CVE-2014-0187
The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...
PT-2015-7591 · Openstack +1 · Openstack Compute +1
Name of the Vulnerable Software and Affected Versions: OpenStack Compute Nova versions prior to 2014.2.4 juno OpenStack Compute Nova versions 2015.1.x prior to 2015.1.2 kilo Description: The issue allows remote attackers to bypass intended restrictions by leveraging an instance that was running...
CVE-2014-0187
The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...