CyberSec.Space Logo
CVEブラウザに戻る

CVE-2019-10876

MEDIUM
6.5
CVSS Severity Score
EPSS Score0.1530%
EPSS Percentile43.57th
Published2019年4月5日
Last Modified2024年11月21日

Vulnerability Description

An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) firewall KeyError. All Neutron deployments utilizing neutron-openvswitch-agent are affected.

Affected Platforms (CPE)

📦
Openstack

Neutron

>= 11.0.0 and < 11.0.7
📦
Openstack

Neutron

>= 12.0.0 and < 12.0.6
📦
Openstack

Neutron

>= 13.0.0 and < 13.0.3
📦
Redhat

Openstack

= 13
📦
Redhat

Openstack

= 14

References & Advisories

🔗 http://www.openwall.com/lists/oss-security/2019/04/09/2
🔗 https://access.redhat.com/errata/RHSA-2019:0879
🔗 https://access.redhat.com/errata/RHSA-2019:0935
🔗 https://bugs.launchpad.net/ossa/+bug/1813007
🔗 https://review.openstack.org/#/q/topic:bug/1813007
🔗 https://security.openstack.org/ossa/OSSA-2019-002.html
🔗 http://www.openwall.com/lists/oss-security/2019/04/09/2
🔗 https://access.redhat.com/errata/RHSA-2019:0879

関連する脆弱性情報

CVE-2023-41789.8

Authentication Bypass by Spoofing vulnerability in Neutron Neutron Smart VMS allows Authentication Bypass. This issue affects Neu...

CVE-2015-89149.1

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMP...

CVE-2021-385989.1

OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver ...

CVE-2014-01879.0

The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated u...