cbcvebase.
CVE-2014-4167
published 2014-07-11

CVE-2014-4167: The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of…

PriorityP413low3.5CVSS 2.0
AVNACMAuSCNINAP
EPSS
1.66%
73.7th percentile
The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (IPv4 address attachment outage) by attaching an IPv6 private subnet to a L3 router.

Affected

11 ranges
VendorProductVersion rangeFixed in
canonicalubuntu_linux
canonicalubuntu_linux
debianneutron< neutron 2014.1.1-1 (bookworm)neutron 2014.1.1-1 (bookworm)
openstackneutron
openstackneutron
openstackneutron>= 0 < 2014.1.1-12014.1.1-1
openstackneutron>= 0 < 2014.1.1-12014.1.1-1
openstackneutron>= 0 < 2014.1.1-12014.1.1-1
openstackneutron>= 0 < 2014.1.1-12014.1.1-1
openstackneutron>= 0 < 1:2014.1-0ubuntu1.31:2014.1-0ubuntu1.3
openstackneutron2011.1 – 2013.2.3

CVSS provenance

nvdv2.03.5LOWAV:N/AC:M/Au:S/C:N/I:N/A:P
osv7.6HIGH
vendor_ubuntu7.6HIGH
vendor_debian3.5LOW
vendor_redhat3.5LOW
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.