CVE-2014-6414

CWE-264CWE-862Missing Authorization9 documents8 sources
Severity
4.0MEDIUM
EPSS
0.6%
top 31.31%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Openstack NeutronCanonical Ubuntu Linux
Timeline
PublishedOct 2
Latest updateMay 14

Description

OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 8.0 | Impact: 2.9

Affected Packages2 packages

NVDopenstack/neutron2014.12014.1.2+2
Debianneutron< 2014.1.3-1+3

Also affects: Ubuntu Linux 14.04

Patches

Patch: bugs.launchpad.netPatch: bugs.launchpad.net

🔴Vulnerability Details

3
GHSA
GHSA-94x8-hxww-p5g2: OpenStack Neutron before 20142022-05-14
OSV
CVE-2014-6414: OpenStack Neutron before 20142014-10-02
CVEList
CVE-2014-6414: OpenStack Neutron before 20142014-10-02

📋Vendor Advisories

3
Ubuntu
OpenStack Neutron vulnerability2014-11-11
Red Hat
openstack-neutron: Admin-only network attributes may be reset to defaults by non-privileged users2014-08-15
Debian
CVE-2014-6414: neutron - OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authe...2014

💬Community

2
Bugzilla
CVE-2014-6414 openstack-neutron: Admin-only network attributes may be reset to defaults by non-privileged users2014-09-16
Bugzilla
CVE-2014-6414 openstack-neutron: Admin-only network attributes may be reset to defaults by non-privileged users [fedora-20]2014-09-16
CVE-2014-6414 (MEDIUM CVSS 4) | OpenStack Neutron before 2014.2.4 a | cvebase.io