Privilege Escalation Vulnerability in Red Hat OpenStack Neutron Package
CVE-2014-3632

Currently unrated

Key Information:

Vendor: Openstack
Status: Neutron
Vendor: CVE Published:; 7 October 2014

Summary

A privilege escalation vulnerability exists in the default configuration of the sudoers file within the Red Hat OpenStack Neutron package. This flaw, present before the 2014.1.2-4 version, could be exploited by remote attackers via a specially crafted configuration file, enabling unauthorized access to elevated privileges. The issue stems from a regression of a previously identified vulnerability, highlighting the importance of secure configuration practices in managing system permissions.

References

http://rhn.redhat.com/errata/RHSA-2014-1339.html

vendor-advisoryx_refsource_REDHAT

Timeline

Vulnerability published
Oct 7, 2014
Vulnerability Reserved
May 14, 2014