Neutron

neutron

Vendor: Openstack • 25 CVEs

CVEs (25)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2014-3555 1Openstack 1Neutron May 6, 2026 Jul 23, 2014 N/A· v4 N/A· v3 4.0 MEDIUM· v2 OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed...Show more OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed address pairs.Show less
CVE-2014-4167 2Canonical Openstack 2Neutron Ubuntu Linux May 6, 2026 Jul 11, 2014 N/A· v4 N/A· v3 3.5 LOW· v2 The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (IPv4 address attachment outage) by attaching an IPv6 priva...Show more The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (IPv4 address attachment outage) by attaching an IPv6 private subnet to a L3 router.Show less
CVE-2013-6433 2Canonical Openstack 2Neutron Ubuntu Linux May 6, 2026 Jun 2, 2014 N/A· v4 N/A· v3 7.6 HIGH· v2 The default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows remote attackers to gain privileges via a crafted configuration f...Show more The default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows remote attackers to gain privileges via a crafted configuration file.Show less
CVE-2014-0056 2Canonical Openstack 2Neutron Ubuntu Linux May 6, 2026 May 8, 2014 N/A· v4 N/A· v3 2.1 LOW· v2 The l3-agent in OpenStack Neutron 2012.2 before 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in...Show more The l3-agent in OpenStack Neutron 2012.2 before 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command.Show less
CVE-2014-0187 3Canonical OpenstackOpensuse 3Neutron OpensuseUbuntu Linux May 6, 2026 Apr 28, 2014 N/A· v4 N/A· v3 9.0 HIGH· v2 The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, w...Show more The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied.Show less

Previous 12