Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openstack neutron vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2018-14635
When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then a...
Redhat Openstack 12
Redhat Openstack 10
Redhat Openstack 13
Openstack Neutron
Openstack Neutron 13.0.0.0
445
VMScore
CVE-2017-5936
OpenStack Nova-LXD prior to 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote malicious users to bypass intended security restrictions.
Canonical Ubuntu Linux 16.04
Openstack Nova-lxd
570
VMScore
CVE-2015-8914
The IPTables firewall in OpenStack Neutron prior to 7.0.4 and 8.0.0 up to and including 8.1.0 allows remote malicious users to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source a...
Openstack Neutron
312
VMScore
CVE-2015-5240
Race condition in OpenStack Neutron prior to 2014.2.4 and 2015.1 prior to 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: befor...
Openstack Neutron 2015.1.1
Openstack Neutron 2014.2.3
Openstack Neutron 2015.1.0
356
VMScore
CVE-2014-8153
The L3 agent in OpenStack Neutron 2014.2.x prior to 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked router update processing) by creating eight routers and assigning an ipv6 non-provider subnet to each.
Litech Router Advertisement Daemon 2.0
Openstack Neutron 2014.2
Openstack Neutron 2014.2.1
356
VMScore
CVE-2014-7821
OpenStack Neutron prior to 2014.1.4 and 2014.2.x prior to 2014.2.1 allows remote authenticated users to cause a denial of service (crash) via a crafted dns_nameservers value in the DNS configuration.
Openstack Neutron
Fedoraproject Fedora 20
Redhat Openstack 4.0
356
VMScore
CVE-2014-6414
OpenStack Neutron prior to 2014.2.4 and 2014.1 prior to 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors.
Openstack Neutron
Canonical Ubuntu Linux 14.04
356
VMScore
CVE-2014-3555
OpenStack Neutron prior to 2013.2.4, 2014.x prior to 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed address pairs.
Openstack Neutron 2014.1
Openstack Neutron 2014.1.1
Openstack Neutron Juno-1
Openstack Neutron 2013.2.4
187
VMScore
CVE-2014-0056
The l3-agent in OpenStack Neutron 2012.2 prior to 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command.
Openstack Neutron 2013.2.2
Openstack Neutron 2012.2.4
Openstack Neutron 2013.1.1
Openstack Neutron 2012.2.2
Openstack Neutron 2013.1.3
Openstack Neutron 2012.2.1
Openstack Neutron 2013.2
Openstack Neutron 2013.1.4
Openstack Neutron 2013.1.5
Openstack Neutron 2013.1
Openstack Neutron 2012.2.3
Openstack Neutron 2013.1.2
Openstack Neutron 2012.2
Openstack Neutron 2013.2.1
Canonical Ubuntu Linux 13.10
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2