PT-2014-5718 · Openstack+1 · Openstack Neutron+1

Baodong Li

Published

2014-06-18

Updated

2018-10-22

CVE-2014-4167

CVSS v2.0

3.5

Low

Vector

AV:N/AC:M/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions OpenStack Neutron versions before 2013.2.4 OpenStack Neutron versions 2014.x before 2014.1.2 OpenStack Neutron Juno before Juno-2

Description The issue allows remote authenticated users to cause a denial of service, specifically an IPv4 address attachment outage, by attaching an IPv6 private subnet to a L3 router.

Recommendations For OpenStack Neutron versions before 2013.2.4, update to version 2013.2.4 or later. For OpenStack Neutron versions 2014.x before 2014.1.2, update to version 2014.1.2 or later. For OpenStack Neutron Juno before Juno-2, update to Juno-2 or later.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-264

Related Identifiers

CVE-2014-4167

RHSA-2014:0899

USN-2255-1

Affected Products

Openstack Neutron

Ubuntu

PT-2014-5718 · Openstack+1 · Openstack Neutron+1

CVE-2014-4167

Weakness Enumeration

Related Identifiers

Affected Products

References · 18