Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openstack neutron vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2018-14636
Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete....
Openstack Neutron
Openstack Neutron 13.0.0
5
CVSSv2
CVE-2017-5936
OpenStack Nova-LXD prior to 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote malicious users to bypass intended security restrictions.
Canonical Ubuntu Linux 16.04
Openstack Nova-lxd
6.4
CVSSv2
CVE-2015-8914
The IPTables firewall in OpenStack Neutron prior to 7.0.4 and 8.0.0 up to and including 8.1.0 allows remote malicious users to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source a...
Openstack Neutron
3.5
CVSSv2
CVE-2015-5240
Race condition in OpenStack Neutron prior to 2014.2.4 and 2015.1 prior to 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: befor...
Openstack Neutron 2015.1.1
Openstack Neutron 2014.2.3
Openstack Neutron 2015.1.0
4
CVSSv2
CVE-2014-8153
The L3 agent in OpenStack Neutron 2014.2.x prior to 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked router update processing) by creating eight routers and assigning an ipv6 non-provider subnet to each.
Litech Router Advertisement Daemon 2.0
Openstack Neutron 2014.2
Openstack Neutron 2014.2.1
4
CVSSv2
CVE-2014-7821
OpenStack Neutron prior to 2014.1.4 and 2014.2.x prior to 2014.2.1 allows remote authenticated users to cause a denial of service (crash) via a crafted dns_nameservers value in the DNS configuration.
Openstack Neutron
Fedoraproject Fedora 20
Redhat Openstack 4.0
4
CVSSv2
CVE-2014-6414
OpenStack Neutron prior to 2014.2.4 and 2014.1 prior to 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors.
Openstack Neutron
Canonical Ubuntu Linux 14.04
4
CVSSv2
CVE-2014-3555
OpenStack Neutron prior to 2013.2.4, 2014.x prior to 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed address pairs.
Openstack Neutron 2014.1
Openstack Neutron 2014.1.1
Openstack Neutron Juno-1
Openstack Neutron 2013.2.4
2.1
CVSSv2
CVE-2014-0056
The l3-agent in OpenStack Neutron 2012.2 prior to 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command.
Openstack Neutron 2013.2.2
Openstack Neutron 2012.2.4
Openstack Neutron 2013.1.1
Openstack Neutron 2012.2.2
Openstack Neutron 2013.1.3
Openstack Neutron 2012.2.1
Openstack Neutron 2013.2
Openstack Neutron 2013.1.4
Openstack Neutron 2013.1.5
Openstack Neutron 2013.1
Openstack Neutron 2012.2.3
Openstack Neutron 2013.1.2
Openstack Neutron 2012.2
Openstack Neutron 2013.2.1
Canonical Ubuntu Linux 13.10
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-20065
open redirect
CVE-2024-1086
path traversal
CVE-2024-29825
XXE
CVE-2024-29822
CVE-2024-20696
CVE-2024-3564
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2