CyberSec.Space Logo
Back to CVE Browser

CVE-2019-10876

MEDIUM
6.5
CVSS Severity Score
EPSS Score0.1530%
EPSS Percentile43.57th
PublishedApr 5, 2019
Last ModifiedNov 21, 2024

Vulnerability Description

An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) firewall KeyError. All Neutron deployments utilizing neutron-openvswitch-agent are affected.

Affected Platforms (CPE)

πŸ“¦
Openstack

Neutron

>= 11.0.0 and < 11.0.7
πŸ“¦
Openstack

Neutron

>= 12.0.0 and < 12.0.6
πŸ“¦
Openstack

Neutron

>= 13.0.0 and < 13.0.3
πŸ“¦
Redhat

Openstack

= 13
πŸ“¦
Redhat

Openstack

= 14

References & Advisories

πŸ”— http://www.openwall.com/lists/oss-security/2019/04/09/2
πŸ”— https://access.redhat.com/errata/RHSA-2019:0879
πŸ”— https://access.redhat.com/errata/RHSA-2019:0935
πŸ”— https://bugs.launchpad.net/ossa/+bug/1813007
πŸ”— https://review.openstack.org/#/q/topic:bug/1813007
πŸ”— https://security.openstack.org/ossa/OSSA-2019-002.html
πŸ”— http://www.openwall.com/lists/oss-security/2019/04/09/2
πŸ”— https://access.redhat.com/errata/RHSA-2019:0879

Related Vulnerabilities

CVE-2023-41789.8

Authentication Bypass by Spoofing vulnerability in Neutron Neutron Smart VMS allows Authentication Bypass. This issue affects Neu...

CVE-2015-89149.1

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMP...

CVE-2021-385989.1

OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver ...

CVE-2014-01879.0

The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated u...