OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed address pairs.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:08
Type | Values Removed | Values Added |
---|---|---|
References | () http://lists.openstack.org/pipermail/openstack-announce/2014-July/000255.html - Vendor Advisory | |
References | () http://rhn.redhat.com/errata/RHSA-2014-1119.html - | |
References | () http://rhn.redhat.com/errata/RHSA-2014-1120.html - | |
References | () http://seclists.org/oss-sec/2014/q3/200 - | |
References | () http://secunia.com/advisories/60766 - | |
References | () http://secunia.com/advisories/60804 - | |
References | () http://www.securityfocus.com/bid/68765 - | |
References | () https://bugs.launchpad.net/neutron/+bug/1336207 - |
Information
Published : 2014-07-23 14:55
Updated : 2024-11-21 02:08
NVD link : CVE-2014-3555
Mitre link : CVE-2014-3555
CVE.ORG link : CVE-2014-3555
JSON object : View
Products Affected
openstack
- neutron
CWE
CWE-264
Permissions, Privileges, and Access Controls