PT-2016-6391 · Openstack · Openstack Neutron

Dustin Lundquist

Published

2016-06-17

Updated

2022-05-14

CVE-2016-5362

CVSS v3.1

8.2

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Name of the Vulnerable Software and Affected Versions OpenStack Neutron versions prior to 7.0.4 OpenStack Neutron versions 8.0.0 through 8.1.0

Description The issue allows remote attackers to bypass an intended DHCP-spoofing protection mechanism. This can cause a denial of service or allow the interception of network traffic via a crafted DHCP discovery message.

Recommendations For OpenStack Neutron versions prior to 7.0.4, update to version 7.0.4 or later. For OpenStack Neutron versions 8.0.0 through 8.1.0, update to a version outside of this range.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-923CWE-254

Related Identifiers

CVE-2016-5362

GHSA-QPWC-P365-PQRR

RHSA-2016:1473

RHSA-2016:1474

SUSE-SU-2016:2143-1

Affected Products

Openstack Neutron

PT-2016-6391 · Openstack · Openstack Neutron

CVE-2016-5362

Weakness Enumeration

Related Identifiers

Affected Products

References · 31