Race-Condition Flaw in OpenStack Neutron by Red Hat
CVE-2017-7543

5.3MEDIUM

Key Information:

Vendor

Red Hat
Status
Openstack-neutron
Vendor
CVE Published:
26 July 2018

What is CVE-2017-7543?

A race-condition vulnerability exists in OpenStack Neutron that can disable security groups during a minor overcloud update. This flaw leads to the reset of critical parameters, allowing unauthorized access to tenant virtual machines and network resources. Attackers could exploit this condition to compromise the security of cloud environments, particularly when these updates are implemented, increasing the need for vigilance and prompt remediation measures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

openstack-neutron openstack-neutron-10.0.2-1.1

openstack-neutron openstack-neutron-8.3.0-11.1

openstack-neutron openstack-neutron-9.3.1-2.1

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7543
x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2017:2447
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:2451
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.