CVE-2014-0187

The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:a:openstack:neutron:2013.1.4:*:*:*:*:*:*:*
cpe:2.3:a:openstack:neutron:2013.2:*:*:*:*:*:*:*
cpe:2.3:a:openstack:neutron:2013.2.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:neutron:2013.2.2:*:*:*:*:*:*:*
cpe:2.3:a:openstack:neutron:2013.2.3:*:*:*:*:*:*:*
cpe:2.3:a:openstack:neutron:2013.1.3:*:*:*:*:*:*:*
cpe:2.3:a:openstack:neutron:2013.1.5:*:*:*:*:*:*:*
cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:neutron:2013.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:neutron:2013.1.1:*:*:*:*:*:*:*
cpe:2.3:a:openstack:neutron:2013.1.2:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

Information

Published : 2014-04-28 07:09

Updated : 2018-10-30 09:27


NVD link : CVE-2014-0187

Mitre link : CVE-2014-0187


JSON object : View

CWE
CWE-264

Permissions, Privileges, and Access Controls

Advertisement

dedicated server usa

Products Affected

canonical

  • ubuntu_linux

openstack

  • neutron

opensuse

  • opensuse