Openstack

Neutron

26 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2017-7543

  • EPSS 0.22%
  • Published 26.07.2018 14:29:00
  • Last modified 21.11.2024 03:32:07

A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the ...

8.2

CVE-2016-5363

  • EPSS 4.75%
  • Published 17.06.2016 15:59:04
  • Last modified 12.04.2025 10:46:40

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via (1) a crafted ...

8.2

CVE-2016-5362

  • EPSS 6.31%
  • Published 17.06.2016 15:59:03
  • Last modified 12.04.2025 10:46:40

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHC...

9.1

CVE-2015-8914

Exploit
  • EPSS 6.66%
  • Published 17.06.2016 15:59:00
  • Last modified 12.04.2025 10:46:40

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-loca...

3.5

CVE-2015-5240

  • EPSS 0.09%
  • Published 27.10.2015 16:59:06
  • Last modified 12.04.2025 10:46:40

Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to...

4

CVE-2015-3221

  • EPSS 10.67%
  • Published 26.08.2015 19:59:03
  • Last modified 12.04.2025 10:46:40

OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the i...

4

CVE-2014-8153

  • EPSS 0.71%
  • Published 15.01.2015 15:59:08
  • Last modified 12.04.2025 10:46:40

The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked router update processing) by creating eight routers and assigning an ipv6 non-provider subnet t...

4

CVE-2014-7821

  • EPSS 1.45%
  • Published 24.11.2014 15:59:02
  • Last modified 12.04.2025 10:46:40

OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (crash) via a crafted dns_nameservers value in the DNS configuration.

7.6

CVE-2014-3632

  • EPSS 1.22%
  • Published 07.10.2014 14:55:04
  • Last modified 12.04.2025 10:46:40

The default configuration in a sudoers file in the Red Hat openstack-neutron package before 2014.1.2-4, as used in Red Hat Enterprise Linux Open Stack Platform 5.0 for Red Hat Enterprise Linux 6, allows remote attackers to gain privileges via a craft...

4

CVE-2014-6414

  • EPSS 0.57%
  • Published 02.10.2014 14:55:04
  • Last modified 12.04.2025 10:46:40

OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors.