Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/08 2:58 a.m.10 views

CVE-2026-49299

A flaw was found in OpenStack Neutron. The tagging controller incorrectly enforces plural policy action names for single-tag write operations, while the defined policy rules use singular names. This mismatch allows a project reader to bypass intended policy restrictions, enabling them to create a...

5.3CVSS5.7AI score0.00295EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/28 9:53 p.m.10 views

CVE-2026-49299

In OpenStack Neutron before 28.0.1, the tagging controller enforces plural policy action names on single-tag write operations while the defined policy rules use singular names. The mismatched names evaluate as allowed under the default policy, permitting a project reader to create and update tags...

5.3CVSS5.8AI score0.00295EPSS
Exploits0References3
CVE
CVE
added 2026/05/28 9:53 p.m.29 views

CVE-2026-49299

OpenStack Neutron prior to 28.0.1 is affected: the tagging controller enforces plural policy action names on single-tag write operations while policy rules use singular names, causing the mismatch to evaluate as allowed under the default policy. This permits a project reader to create and update ...

5.3CVSS5.8AI score0.00295EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.17 views

PT-2026-44555

Name of the Vulnerable Software and Affected Versions OpenStack Neutron versions 26.0.0 through 28.0.0 Description The tagging controller enforces plural policy action names on single-tag write operations, whereas the defined policy rules use singular names. This mismatch causes the default polic...

5.3CVSS5.8AI score0.00295EPSS
Exploits0References13
Rows per page
Query Builder