CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2015-5240 – openstack-neutron: Firewall rules bypass through port update
https://notcve.org/view.php?id=CVE-2015-5240
Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group rules are applied. Condición de carrera en OpenStack Neutron en versiones anteriores 2014.2.4 and 2015.1 en versiones anteriores 2015.1.2, cuando se utiliza el plugin ML2 o los grupos de seguridad de API AMQP, permite a usuarios remotos autenticados eludir controles IP anti-spoofing cambiando el propietario del dispositivo de un puerto para empezar con la red: antes de que las reglas de seguridad de grupo sean aplicadas. A race-condition flaw leading to ACL bypass was discovered in OpenStack Networking (neutron). An authenticated user could change the owner of a port after it was created but before firewall rules were applied, thus preventing firewall control checks from occurring. All OpenStack Networking deployments that used either the ML2 plug-in or a plug-in that relied on the security groups AMQP API were affected. • http://rhn.redhat.com/errata/RHSA-2015-1909.html http://www.openwall.com/lists/oss-security/2015/09/08/9 https://bugs.launchpad.net/neutron/+bug/1489111 https://bugzilla.redhat.com/show_bug.cgi?id=1258458 https://security.openstack.org/ossa/OSSA-2015-018.html https://access.redhat.com/security/cve/CVE-2015-5240 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 4.0EPSS: 2%CPEs: 2EXPL: 1CVE-2015-3221 – GeniXCMS 0.0.3 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2015-3221
OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool. Vulnerabilidad en OpenStack Neutron en versiones anteriores a 2014.2.4 (juno) y 2015.1.x en versiones anteriores a 2015.1.1 (kilo), cuando se usa el controlador del firewall IPTables, permite a usuarios remotos autenticados causar una denegación de servicio (caída del agente L2) añadiendo un par de direcciones que son rechazadas por la herramienta ipset. A Denial-of-Service flaw was found in the OpenStack Networking (neutron) L2 agent when using the iptables firewall driver. By submitting an address pair that is rejected as invalid by the ipset tool (with zero prefix size), an authenticated attacker can cause the L2 agent to crash. • https://www.exploit-db.com/exploits/37360 http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html http://rhn.redhat.com/errata/RHSA-2015-1680.html http://www.securityfocus.com/bid/75368 https://bugs.launchpad.net/neutron/+bug/1461054 https://access.redhat.com/security/cve/CVE-2015-3221 https://bugzilla.redhat.com/show_bug.cgi?id=1232284 • CWE-20: Improper Input Validation CWE-248: Uncaught Exception •
CVSS: 4.0EPSS: 4%CPEs: 3EXPL: 0CVE-2014-8153
https://notcve.org/view.php?id=CVE-2014-8153
The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked router update processing) by creating eight routers and assigning an ipv6 non-provider subnet to each. El agente L3 en OpenStack Neutron 2014.2.x anterior a 2014.2.2, cuando utiliza radvd 2.0+, permite a usuarios remotos autenticados causar una denegación de servicio (el procesamiento de la actualización de routers bloqueado) mediante la creación de ocho routers y asignandoles una subred no proveedor ipv6 a cada uno. • http://lists.openstack.org/pipermail/openstack-announce/2015-January/000320.html http://www.securityfocus.com/bid/71961 https://bugs.launchpad.net/neutron/+bug/1398779 https://bugs.launchpad.net/neutron/+bug/1399172 https://bugzilla.redhat.com/show_bug.cgi?id=1169408 • CWE-20: Improper Input Validation •
CVSS: 4.0EPSS: 0%CPEs: 4EXPL: 0CVE-2014-7821 – openstack-neutron: DoS via maliciously crafted dns_nameservers
https://notcve.org/view.php?id=CVE-2014-7821
OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (crash) via a crafted dns_nameservers value in the DNS configuration. OpenStack Neutron anterior a 2014.1.4 y 2014.2.x anterior a 2014.2.1 permite a usuarios remotos autenticados causar una denegación de servicio (caída) a través de un valor dns_nameservers manipulado en la configuración DNS. A denial of service flaw was found in the way neutron handled the 'dns_nameservers' parameter. By providing specially crafted 'dns_nameservers' values, an authenticated user could use this flaw to crash the neutron service. • http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155351.html http://lists.openstack.org/pipermail/openstack-announce/2014-November/000303.html http://rhn.redhat.com/errata/RHSA-2014-1938.html http://rhn.redhat.com/errata/RHSA-2014-1942.html http://rhn.redhat.com/errata/RHSA-2015-0044.html http://secunia.com/advisories/62586 http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html https://bugs.launchpad.net/neutron/+bug/1378450 https://exchange.x • CWE-20: Improper Input Validation CWE-399: Resource Management Errors •
CVSS: 4.0EPSS: 0%CPEs: 4EXPL: 0CVE-2014-6414 – openstack-neutron: Admin-only network attributes may be reset to defaults by non-privileged users
https://notcve.org/view.php?id=CVE-2014-6414
OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors. OpenStack Neutron anterior a 2014.2.4 y 2014.1 anterior a 2014.1.2 permite a usuarios remotos autenticados configurar los atributos de la red de administración a los valores por defecto a través de vectores no especificados. It was discovered that unprivileged users could in some cases reset admin-only network attributes to their default values. This could lead to unexpected behavior or in some cases result in a denial of service. • http://rhn.redhat.com/errata/RHSA-2014-1686.html http://rhn.redhat.com/errata/RHSA-2014-1785.html http://rhn.redhat.com/errata/RHSA-2014-1786.html http://secunia.com/advisories/62299 http://www.openwall.com/lists/oss-security/2014/09/15/5 http://www.ubuntu.com/usn/USN-2408-1 https://bugs.launchpad.net/neutron/+bug/1357379 https://access.redhat.com/security/cve/CVE-2014-6414 https://bugzilla.redhat.com/show_bug.cgi?id=1142012 • CWE-264: Permissions, Privileges, and Access Controls CWE-862: Missing Authorization •