Denial of Service Issue in OpenStack Neutron by OpenStack
CVE-2014-3555

Currently unrated

Key Information:

Vendor: Openstack
Status: Neutron
Vendor: CVE Published:; 23 July 2014

What is CVE-2014-3555?

A vulnerability in OpenStack Neutron allows remote authenticated users to cause a denial of service. By creating a large number of allowed address pairs, attackers can trigger crashes or significantly delay firewall rule updates, affecting the overall network performance. This vulnerability impacts several versions of Neutron prior to specific releases, necessitating prompt attention from system administrators to mitigate potential exploits.

References

http://secunia.com/advisories/60804

third-party-advisoryx_refsource_SECUNIA

http://rhn.redhat.com/errata/RHSA-2014-1120.html

vendor-advisoryx_refsource_REDHAT

http://www.securityfocus.com/bid/68765

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 23, 2014
Vulnerability Reserved
May 14, 2014

Openstack

What is CVE-2014-3555?

References

Timeline