PT-2016-4058 · Openstack · Openstack Neutron

Romain Aviolat

Publicado

2016-06-17

Atualizado

2022-05-14

CVE-2015-8914

CVSS v3.1

9.1

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

Name of the Vulnerable Software and Affected Versions OpenStack Neutron versions prior to 7.0.4 OpenStack Neutron versions 8.0.0 through 8.1.0

Description The issue allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism, which can lead to a denial of service or the interception of network traffic via a link-local source address.

Recommendations For versions prior to 7.0.4, update to version 7.0.4 or later. For versions 8.0.0 through 8.1.0, update to a version later than 8.1.0.

Exploit

Correção

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-923CWE-254

Identificadores relacionados

CVE-2015-8914

GHSA-3VJ4-CVJP-482H

RHSA-2016:1473

RHSA-2016:1474

Produtos afetados

Openstack Neutron

PT-2016-4058 · Openstack · Openstack Neutron

CVE-2015-8914

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 18