CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
EPSS
Percentile
90.7%
OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1
(kilo), when using the IPTables firewall driver, allows remote
authenticated users to cause a denial of service (L2 agent crash) by adding
an address pair that is rejected by the ipset tool.
Author | Note |
---|---|
tyhicks | DoS possible by an authenticated user |
mdeslaur | ipset code introduced in juno |