Open vSwitch Firewall Rule Vulnerability in OpenStack Neutron
CVE-2021-20267

7.1 HIGH

Key Information:

Vendor: OpenStack
CVE Published: 28 May 2021

Summary

A vulnerability exists in the default firewall rules of Open vSwitch within the OpenStack Neutron project. This flaw allows an attacker with control over a server instance linked to the affected virtual switch to send crafted packets that impersonate the IPv6 addresses of other devices on the network. This behavior can lead to denial-of-service conditions or unauthorized interception of network traffic meant for different destinations, impacting overall network security. Deployments utilizing the Open vSwitch driver prior to the specified safe versions are particularly at risk.

Affected Version(s)

openstack-neutron openstack-neutron 15.3.3, openstack-neutron 16.3.1, openstack-neutron 17.1.1

CVSS V3.1

Score: 7.1
Severity: HIGH
Confidentiality: Low
Integrity: None
Availability: Low
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
