PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections.
PackStack en Red Hat OpenStack 4.0 no fuerza los grupos de seguridad por defecto cuando desplegados hacia Neutron, lo que permite a atacantes remotos evadir restricciones de acceso y hacer conexiones no autorizadas.
PackStack is a command-line utility that uses Puppet modules to support rapid deployment of OpenStack on existing servers over an SSH connection. PackStack is suitable for deploying both single node proof-of-concept installations and more complex multi-node installations. It was found that PackStack did not correctly install the rules defined in the default security groups when deployed on OpenStack Networking, allowing network connections to be made to systems that should not have been accessible.
