CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2015-8914

CRITICAL
9.1
CVSS Severity Score
EPSS Score0.1640%
EPSS Percentile30.01th
Published2016年6月17日
Last Modified2026年5月6日

Vulnerability Description

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address.

Affected Platforms (CPE)

📦
Openstack

Neutron

>= 7.0.0 and < 7.0.4
📦
Openstack

Neutron

>= 8.0.0 and <= 8.1.0

References & Advisories

🔗 http://www.openwall.com/lists/oss-security/2016/06/10/5
🔗 http://www.openwall.com/lists/oss-security/2016/06/10/6
🔗 https://access.redhat.com/errata/RHSA-2016:1473
🔗 https://access.redhat.com/errata/RHSA-2016:1474
🔗 https://bugs.launchpad.net/neutron/+bug/1502933
🔗 https://review.openstack.org/#/c/300233/
🔗 https://review.openstack.org/#/c/310648/
🔗 https://review.openstack.org/#/c/310652/

相關漏洞威脅

CVE-2023-41789.8

Authentication Bypass by Spoofing vulnerability in Neutron Neutron Smart VMS allows Authentication Bypass. This issue affects Neu...

CVE-2021-385989.1

OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver ...

CVE-2014-01879.0

The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated u...

CVE-2016-53628.2

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP...