CyberSec.Space Logo
CVEブラウザに戻る

CVE-2016-5362

HIGH
8.2
CVSS Severity Score
EPSS Score0.0580%
EPSS Percentile41.08th
Published2016年6月17日
Last Modified2026年5月6日

Vulnerability Description

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHCP discovery message.

Affected Platforms (CPE)

📦
Openstack

Neutron

>= 7.0.0 and < 7.0.4
📦
Openstack

Neutron

>= 8.0.0 and <= 8.1.0

References & Advisories

🔗 http://www.openwall.com/lists/oss-security/2016/06/10/5
🔗 http://www.openwall.com/lists/oss-security/2016/06/10/6
🔗 https://access.redhat.com/errata/RHSA-2016:1473
🔗 https://access.redhat.com/errata/RHSA-2016:1474
🔗 https://bugs.launchpad.net/neutron/+bug/1558658
🔗 https://review.openstack.org/#/c/300202/
🔗 https://review.openstack.org/#/c/303563/
🔗 https://review.openstack.org/#/c/303572/

関連する脆弱性情報

CVE-2023-41789.8

Authentication Bypass by Spoofing vulnerability in Neutron Neutron Smart VMS allows Authentication Bypass. This issue affects Neu...

CVE-2015-89149.1

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMP...

CVE-2021-385989.1

OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver ...

CVE-2014-01879.0

The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated u...