Cthiel-Suse

**Name of the Vulnerable Software and Affected Versions** OpenStack Neutron versions 2013.1 through 2013.2.3 OpenStack Neutron versions 2014.1 through 2014.1.0 **Description** The issue allows remote authenticated users to bypass security group restrictions. This is achieved by using an invalid CIDR in a security group rule, which prevents further rules from being applied. **Recommendations** For OpenStack Neutron versions 2013.1 through 2013.2.3, update to version 2013.2.4 or later. For OpenStack Neutron versions 2014.1 through 2014.1.0, update to version 2014.1.1 or later.