CVSS: 9.1EPSS: 4%CPEs: 2EXPL: 1CVE-2015-8914 – openstack-neutron: ICMPv6 source address spoofing vulnerability
https://notcve.org/view.php?id=CVE-2015-8914
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address. El firewall IPTables en OpenStack Neutron en versiones anteriores a 7.0.4 y 8.0.0 hasta la versión 8.1.0 permite a atacantes remotos eludir un mecanismo destinado a la protección ICMPv6-spoofing y consecuentemente causar una denegación de servicio o interceptar tráfico de la red a través de de una dirección fuente local de enlace. Neutron functionality includes internal firewall management between networks. Due to the relaxed nature of particular rules, it is possible for machines on the same layer 2 networks to forge non-IP traffic, such as ARP and DHCP requests. • http://www.openwall.com/lists/oss-security/2016/06/10/5 http://www.openwall.com/lists/oss-security/2016/06/10/6 https://access.redhat.com/errata/RHSA-2016:1473 https://access.redhat.com/errata/RHSA-2016:1474 https://bugs.launchpad.net/neutron/+bug/1502933 https://review.openstack.org/#/c/300233 https://review.openstack.org/#/c/310648 https://review.openstack.org/#/c/310652 https://security.openstack.org/ossa/OSSA-2016-009.html https://access. • CWE-254: 7PK - Security Features •
CVSS: 8.2EPSS: 3%CPEs: 7EXPL: 0CVE-2016-5363 – openstack-neutron: MAC source address spoofing vulnerability
https://notcve.org/view.php?id=CVE-2016-5363
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via (1) a crafted DHCP discovery message or (2) crafted non-IP traffic. El firewall IPTables en OpenStack Neutron en versiones anteriores a 7.0.4 y 8.0.0 hasta la versión 8.1.0 permite a atacantes remotos eludir un mecanismo de protección destinado a suplantar una MAC y consecuentemente provocar una denegación de servicio o interceptar tráfico de red a través de (1) la detección de un mensaje DHCP manipulado o (2) tráfico no IP manipulado. Neutron functionality includes internal firewall management between networks. Due to the relaxed nature of particular rules, it is possible for machines on the same layer 2 networks to forge non-IP traffic, such as ARP and DHCP requests. • http://www.openwall.com/lists/oss-security/2016/06/10/5 http://www.openwall.com/lists/oss-security/2016/06/10/6 https://access.redhat.com/errata/RHSA-2016:1473 https://access.redhat.com/errata/RHSA-2016:1474 https://bugs.launchpad.net/neutron/+bug/1558658 https://review.openstack.org/#/c/299021 https://review.openstack.org/#/c/299023 https://review.openstack.org/#/c/299025 https://security.openstack.org/ossa/OSSA-2016-009.html https://access. • CWE-254: 7PK - Security Features •
CVSS: 8.2EPSS: 3%CPEs: 2EXPL: 0CVE-2016-5362 – openstack-neutron: DHCP spoofing vulnerability
https://notcve.org/view.php?id=CVE-2016-5362
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHCP discovery message. El firewall IPTables en OpenStack Neutron en versiones anteriores a 7.0.4 y 8.0.0 hasta la versión 8.1.0 permite a atacantes remotos eludir un mecanismo destinado a la protección DHCP-spoofing y consecuentemente causar una denegación de servicio o interceptar tráfico de la red a través de un mensaje DHCP de descubrimiento manipulado. Neutron functionality includes internal firewall management between networks. Due to the relaxed nature of particular rules, it is possible for machines on the same layer 2 networks to forge non-IP traffic, such as ARP and DHCP requests. • http://www.openwall.com/lists/oss-security/2016/06/10/5 http://www.openwall.com/lists/oss-security/2016/06/10/6 https://access.redhat.com/errata/RHSA-2016:1473 https://access.redhat.com/errata/RHSA-2016:1474 https://bugs.launchpad.net/neutron/+bug/1558658 https://review.openstack.org/#/c/300202 https://review.openstack.org/#/c/303563 https://review.openstack.org/#/c/303572 https://security.openstack.org/ossa/OSSA-2016-009.html https://access. • CWE-254: 7PK - Security Features •
CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5240 – openstack-neutron: Firewall rules bypass through port update
https://notcve.org/view.php?id=CVE-2015-5240
Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group rules are applied. Condición de carrera en OpenStack Neutron en versiones anteriores 2014.2.4 and 2015.1 en versiones anteriores 2015.1.2, cuando se utiliza el plugin ML2 o los grupos de seguridad de API AMQP, permite a usuarios remotos autenticados eludir controles IP anti-spoofing cambiando el propietario del dispositivo de un puerto para empezar con la red: antes de que las reglas de seguridad de grupo sean aplicadas. A race-condition flaw leading to ACL bypass was discovered in OpenStack Networking (neutron). An authenticated user could change the owner of a port after it was created but before firewall rules were applied, thus preventing firewall control checks from occurring. All OpenStack Networking deployments that used either the ML2 plug-in or a plug-in that relied on the security groups AMQP API were affected. • http://rhn.redhat.com/errata/RHSA-2015-1909.html http://www.openwall.com/lists/oss-security/2015/09/08/9 https://bugs.launchpad.net/neutron/+bug/1489111 https://bugzilla.redhat.com/show_bug.cgi?id=1258458 https://security.openstack.org/ossa/OSSA-2015-018.html https://access.redhat.com/security/cve/CVE-2015-5240 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.0EPSS: 2%CPEs: 2EXPL: 1CVE-2015-3221 – GeniXCMS 0.0.3 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-3221
OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool. Vulnerabilidad en OpenStack Neutron en versiones anteriores a 2014.2.4 (juno) y 2015.1.x en versiones anteriores a 2015.1.1 (kilo), cuando se usa el controlador del firewall IPTables, permite a usuarios remotos autenticados causar una denegación de servicio (caída del agente L2) añadiendo un par de direcciones que son rechazadas por la herramienta ipset. A Denial-of-Service flaw was found in the OpenStack Networking (neutron) L2 agent when using the iptables firewall driver. By submitting an address pair that is rejected as invalid by the ipset tool (with zero prefix size), an authenticated attacker can cause the L2 agent to crash. • https://www.exploit-db.com/exploits/37360 http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html http://rhn.redhat.com/errata/RHSA-2015-1680.html http://www.securityfocus.com/bid/75368 https://bugs.launchpad.net/neutron/+bug/1461054 https://access.redhat.com/security/cve/CVE-2015-3221 https://bugzilla.redhat.com/show_bug.cgi?id=1232284 • CWE-20: Improper Input Validation CWE-248: Uncaught Exception •