CVE-2014-3555

OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed address pairs.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:openstack:neutron:2013.2.4:*:*:*:*:*:*:*
cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:neutron:2014.1.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:neutron:juno-1:*:*:*:*:*:*:*

History

21 Nov 2024, 02:08

Type Values Removed Values Added
References () http://lists.openstack.org/pipermail/openstack-announce/2014-July/000255.html - Vendor Advisory () http://lists.openstack.org/pipermail/openstack-announce/2014-July/000255.html - Vendor Advisory
References () http://rhn.redhat.com/errata/RHSA-2014-1119.html - () http://rhn.redhat.com/errata/RHSA-2014-1119.html -
References () http://rhn.redhat.com/errata/RHSA-2014-1120.html - () http://rhn.redhat.com/errata/RHSA-2014-1120.html -
References () http://seclists.org/oss-sec/2014/q3/200 - () http://seclists.org/oss-sec/2014/q3/200 -
References () http://secunia.com/advisories/60766 - () http://secunia.com/advisories/60766 -
References () http://secunia.com/advisories/60804 - () http://secunia.com/advisories/60804 -
References () http://www.securityfocus.com/bid/68765 - () http://www.securityfocus.com/bid/68765 -
References () https://bugs.launchpad.net/neutron/+bug/1336207 - () https://bugs.launchpad.net/neutron/+bug/1336207 -

Information

Published : 2014-07-23 14:55

Updated : 2024-11-21 02:08


NVD link : CVE-2014-3555

Mitre link : CVE-2014-3555

CVE.ORG link : CVE-2014-3555


JSON object : View

Products Affected

openstack

  • neutron
CWE
CWE-264

Permissions, Privileges, and Access Controls