Neutron@2014.1 Security Vulnerabilities and Issues — Neutron@2014.1 CVE List

Lucene search

OpenstackNeutron2014.1

4 matches found

CVE•added 2014/07/23 2:55 p.m.•70 views

CVE-2014-3555

OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed address pairs.

4CVSS6.1AI score0.01022EPSS

CVE•added 2014/04/28 2:9 p.m.•57 views

CVE-2014-0187

The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied.

9CVSS6.1AI score0.00428EPSS

CVE•added 2014/07/11 2:55 p.m.•54 views

CVE-2014-4167

The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (IPv4 address attachment outage) by attaching an IPv6 private subnet to a L3 router.

3.5CVSS6.1AI score0.00558EPSS

CVE•added 2014/08/19 6:55 p.m.•50 views

CVE-2014-4615

The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry (Ceilometer) 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain X_AUTH_TOKEN values by reading the message queue (v2/m...

5CVSS5.9AI score0.0075EPSS