cbcvebase.
CVE-2014-3632
published 2014-10-07

CVE-2014-3632: The default configuration in a sudoers file in the Red Hat openstack-neutron package before 2014.1.2-4, as used in Red Hat Enterprise Linux Open Stack Platform…

PriorityP338high7.6CVSS 2.0
AVNACHAuNCCICAC
EPSS
2.50%
82.7th percentile
The default configuration in a sudoers file in the Red Hat openstack-neutron package before 2014.1.2-4, as used in Red Hat Enterprise Linux Open Stack Platform 5.0 for Red Hat Enterprise Linux 6, allows remote attackers to gain privileges via a crafted configuration file. NOTE: this vulnerability exists because of a CVE-2013-6433 regression.

Affected

2 ranges
VendorProductVersion rangeFixed in
debianneutron
openstackneutron2014.1 – 2014.1.2

CVSS provenance

nvdv2.07.6HIGHAV:N/AC:H/Au:N/C:C/I:C/A:C
vendor_debian7.6LOW
vendor_redhat7.6HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.