CVE-2021-40085

6.5MEDIUM

Key Information

Vendor: Openstack
Status: Neutron
Vendor: CVE Published:; 31 August 2021

Summary

An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value.

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published.
Aug 31, 2021
Vulnerability Reserved.
Aug 25, 2021

Collectors

NVD DatabaseMitre Database