The l3-agent in OpenStack Neutron 2012.2 prior to 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openstack neutron 2013.2.2 |
||
openstack neutron 2012.2.4 |
||
openstack neutron 2013.1.1 |
||
openstack neutron 2012.2.2 |
||
openstack neutron 2013.1.3 |
||
openstack neutron 2012.2.1 |
||
openstack neutron 2013.2 |
||
openstack neutron 2013.1.4 |
||
openstack neutron 2013.1.5 |
||
openstack neutron 2013.1 |
||
openstack neutron 2012.2.3 |
||
openstack neutron 2013.1.2 |
||
openstack neutron 2012.2 |
||
openstack neutron 2013.2.1 |
||
canonical ubuntu linux 13.10 |