CVE-2014-3555

Currently unrated

Key Information:

Vendor: Openstack
Status: Neutron
Vendor: CVE Published:; 23 July 2014

Summary

OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed address pairs.

References

http://secunia.com/advisories/60804

third-party-advisoryx_refsource_SECUNIA

http://rhn.redhat.com/errata/RHSA-2014-1120.html

vendor-advisoryx_refsource_REDHAT

http://www.securityfocus.com/bid/68765

vdb-entryx_refsource_BID

EPSS Score

1% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jul 23, 2014
Vulnerability Reserved
May 14, 2014