Neutron Security Vulnerabilities and Issues — Neutron CVE List

Lucene search

OpenstackNeutron

5 matches found

CVE•added 2014/07/23 2:55 p.m.•70 views

CVE-2014-3555

OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed address pairs.

4CVSS6.1AI score0.01022EPSS

CVE•added 2015/08/26 7:59 p.m.•61 views

CVE-2015-3221

OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.

4CVSS6.3AI score0.1067EPSS

CVE•added 2014/11/24 3:59 p.m.•53 views

CVE-2014-7821

OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (crash) via a crafted dns_nameservers value in the DNS configuration.

4CVSS6.1AI score0.0214EPSS

CVE•added 2014/10/02 2:55 p.m.•44 views

CVE-2014-6414

OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors.

4CVSS6.1AI score0.00573EPSS

CVE•added 2015/01/15 3:59 p.m.•42 views

CVE-2014-8153

The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked router update processing) by creating eight routers and assigning an ipv6 non-provider subnet to each.

4CVSS6.4AI score0.00709EPSS