Denial of Service Vulnerability in OpenStack Neutron by IPTables Firewall Driver
CVE-2015-3221

Currently unrated

Key Information:

Vendor
Openstack
Status
Vendor
CVE Published:
26 August 2015

Summary

An issue exists in OpenStack Neutron where the IPTables firewall driver is vulnerable to a Denial of Service attack. Remote authenticated users can exploit this vulnerability by adding an address pair that is subsequently rejected by the ipset tool, leading to a crash of the L2 agent. This behavior can undermine the availability of network services within the OpenStack environment, affecting system performance and reliability.

References

EPSS Score

8% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.