Open vSwitch Firewall Rule Vulnerability in OpenStack Neutron
CVE-2021-20267

7.1HIGH

Key Information:

Vendor: Openstack
Status: Openstack-neutron
Vendor: CVE Published:; 28 May 2021

What is CVE-2021-20267?

A vulnerability exists in the default firewall rules of Open vSwitch within the OpenStack Neutron project. This flaw allows an attacker with control over a server instance linked to the affected virtual switch to send crafted packets that impersonate the IPv6 addresses of other devices on the network. This behavior can lead to denial-of-service conditions or unauthorized interception of network traffic meant for different destinations, impacting overall network security. Deployments utilizing the Open vSwitch driver prior to the specified safe versions are particularly at risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

openstack-neutron openstack-neutron 15.3.3, openstack-neutron 16.3.1, openstack-neutron 17.1.1

References

https://bugzilla.redhat.com/show_bug.cgi?id=1934330

x_refsource_MISC

https://security.openstack.org/ossa/OSSA-2021-001.html

x_refsource_CONFIRM

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 28, 2021
Vulnerability Reserved
Dec 17, 2020

JSON

Openstack