cbcvebase.

Openstack Neutron vulnerabilities

31 known vulnerabilities affecting openstack/neutron.

Total CVEs
31
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
CRITICAL3HIGH5MEDIUM20LOW3

Vulnerabilities

Page 1 of 2
CVE-2021-38598P3CRITICALCVSS 9.1fixed in 16.4.1≥ 17.0.0, < 17.1.3+1 more2021-08-23
CVE-2021-38598 [CRITICAL] CWE-290 CVE-2021-38598: OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonatio OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the hardware addresses of other syste
ghsanvdosv
CVE-2015-8914P3CRITICALCVSS 9.1≥ 7.0.0, < 7.0.4≥ 8.0.0, ≤ 8.1.02016-06-17
CVE-2015-8914 [CRITICAL] CWE-254 CVE-2015-8914: The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attack The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address.
ghsanvdosv
CVE-2015-3221P4MEDIUMCVSS 4.0PoC≥ 2014.2, < 2014.2.4≥ 2015.1.0, < 2015.1.12015-08-26
CVE-2015-3221 [MEDIUM] CWE-20 CVE-2015-3221: OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTable OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.
ghsanvdosv
CVE-2024-53916P3MEDIUMCVSS 7.5≥ 23.0.0, < 23.2.1≥ 24.0.0, < 24.0.2+1 more2024-11-25
CVE-2024-53916 [MEDIUM] CWE-345 OpenStack Neutron can use an incorrect ID during policy enforcement OpenStack Neutron can use an incorrect ID during policy enforcement In OpenStack Neutron before 25.0.1, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. It does not apply the proper policy check for changing network tags. An unprivileged tenant is able to change (add and clear) tags on network objects that do not belong to the tenant, and this action is not subject
ghsaosv
CVE-2014-0187P3CRITICALCVSS 9.0v2013.1v2013.1.1+9 more2014-04-28
CVE-2014-0187 [CRITICAL] CWE-264 CVE-2014-0187: The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied.
nvdosv
CVE-2016-5363P3HIGHCVSS 8.2v7.0.0v7.0.1+5 more2016-06-17
CVE-2016-5363 [HIGH] CWE-254 CVE-2016-5363: The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attack The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via (1) a crafted DHCP discovery message or (2) crafted non-IP traffic.
ghsanvdosv
CVE-2016-5362P3HIGHCVSS 8.2≥ 7.0.0, < 7.0.4≥ 8.0.0, ≤ 8.1.02016-06-17
CVE-2016-5362 [HIGH] CWE-254 CVE-2016-5362: The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attack The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHCP discovery message.
ghsanvdosv
CVE-2013-6433P3HIGHCVSS 7.6≥ 2013.1, ≤ 2013.2.32014-06-02
CVE-2013-6433 [HIGH] CWE-264 CVE-2013-6433: The default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not proper The default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows remote attackers to gain privileges via a crafted configuration file.
nvdosv
CVE-2014-3632P3HIGHCVSS 7.6≥ 2014.1, ≤ 2014.1.22014-10-07
CVE-2014-3632 [HIGH] CVE-2014-3632: The default configuration in a sudoers file in the Red Hat openstack-neutron package before 2014.1.2 The default configuration in a sudoers file in the Red Hat openstack-neutron package before 2014.1.2-4, as used in Red Hat Enterprise Linux Open Stack Platform 5.0 for Red Hat Enterprise Linux 6, allows remote attackers to gain privileges via a crafted configuration file. NOTE: this vulnerability exists because of a CVE-2013-6433 regression.
nvd
CVE-2021-20267P3HIGHCVSS 7.1fixed in 16.3.3≥ 17.0.0, < 17.1.3+1 more2021-05-28
CVE-2021-20267 [HIGH] CWE-345 CVE-2021-20267: A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully cr A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some cases possibly interception of traffic intended for other
ghsanvdosv
CVE-2019-9735P3MEDIUMCVSS 6.5fixed in 10.0.8≥ 11.0.0, < 11.0.7+2 more2019-03-13
CVE-2019-9735 [MEDIUM] CWE-755 CVE-2019-9735: An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x bef An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By setting a destination port in a security group rule along with a protocol that doesn't support that option (for example, VRRP), an authenticated user may block further application of security gr
ghsanvdosv
CVE-2021-40085P3MEDIUMCVSS 6.5fixed in 16.4.1≥ 17.0.0, < 17.2.1+1 more2021-08-31
CVE-2021-40085 [MEDIUM] CVE-2021-40085: An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1 An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value.
ghsanvdosv
CVE-2019-10876P3MEDIUMCVSS 6.5≥ 11.0.0, < 11.0.7≥ 12.0.0, < 12.0.6+1 more2019-04-05
CVE-2019-10876 [MEDIUM] CVE-2019-10876: An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) fire
ghsanvdosv
CVE-2014-0071P3MEDIUMCVSS 6.4≥ 0, < 2014.1-12014-04-17
CVE-2014-0071 [MEDIUM] CVE-2014-0071: PackStack in Red Hat OpenStack 4 PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections.
osv
CVE-2018-14635P4MEDIUMCVSS 6.5≥ 11.0.0, ≤ 11.0.5≥ 12.0.0, ≤ 12.0.3+1 more2018-09-10
CVE-2018-14635 [MEDIUM] CWE-20 CVE-2018-14635: When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports w When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from outside of the allowed allocation pool. Versions of opensta
ghsanvdosv
CVE-2021-40797P4MEDIUMCVSS 6.5fixed in 16.4.1≥ 17.0.0, < 17.2.1+1 more2021-09-08
CVE-2021-40797 [MEDIUM] CWE-772 CVE-2021-40797: An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17. An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. By making API requests involving nonexistent controllers, an authenticated user may cause the API worker to consume increasing amounts of memory, resulting in API performance degradation or denial of service.
ghsanvdosv
CVE-2022-3277P4MEDIUMCVSS 6.5fixed in 18.6.0≥ 19.0.0, < 19.5.02023-03-06
CVE-2022-3277 [MEDIUM] CWE-400 CVE-2022-3277: An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significant number of requests, this could lead to a denial of ser
ghsanvdosv
CVE-2017-7543P4MEDIUMCVSS 5.9≥ 7.0.0, < 7.2.0-12.1≥ 8.0.0, < 8.3.0-11.1+2 more2018-07-26
CVE-2017-7543 [MEDIUM] CWE-362 CVE-2017-7543: A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. T
ghsanvdosv
CVE-2026-49299P4MEDIUMCVSS 5.3≥ 26.0.0, < 26.0.4≥ 27.0.0, < 27.0.3+1 more2026-05-28
CVE-2026-49299 [MEDIUM] CWE-863 CVE-2026-49299: In OpenStack Neutron before 28.0.1, the tagging controller enforces plural policy action names on si In OpenStack Neutron before 28.0.1, the tagging controller enforces plural policy action names on single-tag write operations while the defined policy rules use singular names. The mismatched names evaluate as allowed under the default policy, permitting a project reader to create and update tags on same-project resources. Deployments running Neutro
nvd
CVE-2023-3637P4MEDIUM≥ 0, ≤ 22.0.22023-07-25
CVE-2023-3637 [MEDIUM] CWE-400 Denial of service in neutron Denial of service in neutron An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significant number of requests, this could lead to a denial of service.
ghsaosv
Openstack Neutron vulnerabilities | cvebase