ID CVE-2014-7821
Summary OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (crash) via a crafted dns_nameservers value in the DNS configuration.
References
Vulnerable Configurations
  • cpe:2.3:a:openstack:neutron:2014.2:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2014.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:neutron:2012.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2012.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:neutron:2012.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2012.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:neutron:2012.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2012.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:neutron:2012.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2012.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:neutron:2013.1:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2013.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:neutron:2013.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2013.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:neutron:2013.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2013.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:neutron:2013.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2013.1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:neutron:2013.1.4:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2013.1.4:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:neutron:2013.1.5:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2013.1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:neutron:2013.2:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2013.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:neutron:2013.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2013.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:neutron:2013.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2013.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:neutron:2013.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2013.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:neutron:2013.2.4:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2013.2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:neutron:2014.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2014.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:neutron:2014.1.2:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2014.1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openstack:neutron:2014.1.3:*:*:*:*:*:*:*
    cpe:2.3:a:openstack:neutron:2014.1.3:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
  • cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*
CVSS
Base: 4.0 (as of 13-02-2023 - 00:42)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:S/C:N/I:N/A:P
redhat via4
advisories
  • rhsa
    id RHSA-2014:1938
  • rhsa
    id RHSA-2014:1942
  • rhsa
    id RHSA-2015:0044
rpms
  • openstack-neutron-0:2014.1.3-12.el6ost
  • openstack-neutron-bigswitch-0:2014.1.3-12.el6ost
  • openstack-neutron-brocade-0:2014.1.3-12.el6ost
  • openstack-neutron-cisco-0:2014.1.3-12.el6ost
  • openstack-neutron-embrane-0:2014.1.3-12.el6ost
  • openstack-neutron-hyperv-0:2014.1.3-12.el6ost
  • openstack-neutron-ibm-0:2014.1.3-12.el6ost
  • openstack-neutron-linuxbridge-0:2014.1.3-12.el6ost
  • openstack-neutron-mellanox-0:2014.1.3-12.el6ost
  • openstack-neutron-metaplugin-0:2014.1.3-12.el6ost
  • openstack-neutron-metering-agent-0:2014.1.3-12.el6ost
  • openstack-neutron-midonet-0:2014.1.3-12.el6ost
  • openstack-neutron-ml2-0:2014.1.3-12.el6ost
  • openstack-neutron-nec-0:2014.1.3-12.el6ost
  • openstack-neutron-nuage-0:2014.1.3-12.el6ost
  • openstack-neutron-ofagent-0:2014.1.3-12.el6ost
  • openstack-neutron-oneconvergence-nvsd-0:2014.1.3-12.el6ost
  • openstack-neutron-openvswitch-0:2014.1.3-12.el6ost
  • openstack-neutron-plumgrid-0:2014.1.3-12.el6ost
  • openstack-neutron-ryu-0:2014.1.3-12.el6ost
  • openstack-neutron-vmware-0:2014.1.3-12.el6ost
  • openstack-neutron-vpn-agent-0:2014.1.3-12.el6ost
  • python-neutron-0:2014.1.3-12.el6ost
  • openstack-neutron-0:2014.1.3-11.el7ost
  • openstack-neutron-bigswitch-0:2014.1.3-11.el7ost
  • openstack-neutron-brocade-0:2014.1.3-11.el7ost
  • openstack-neutron-cisco-0:2014.1.3-11.el7ost
  • openstack-neutron-embrane-0:2014.1.3-11.el7ost
  • openstack-neutron-hyperv-0:2014.1.3-11.el7ost
  • openstack-neutron-ibm-0:2014.1.3-11.el7ost
  • openstack-neutron-linuxbridge-0:2014.1.3-11.el7ost
  • openstack-neutron-mellanox-0:2014.1.3-11.el7ost
  • openstack-neutron-metaplugin-0:2014.1.3-11.el7ost
  • openstack-neutron-metering-agent-0:2014.1.3-11.el7ost
  • openstack-neutron-midonet-0:2014.1.3-11.el7ost
  • openstack-neutron-ml2-0:2014.1.3-11.el7ost
  • openstack-neutron-nec-0:2014.1.3-11.el7ost
  • openstack-neutron-nuage-0:2014.1.3-11.el7ost
  • openstack-neutron-ofagent-0:2014.1.3-11.el7ost
  • openstack-neutron-oneconvergence-nvsd-0:2014.1.3-11.el7ost
  • openstack-neutron-openvswitch-0:2014.1.3-11.el7ost
  • openstack-neutron-plumgrid-0:2014.1.3-11.el7ost
  • openstack-neutron-ryu-0:2014.1.3-11.el7ost
  • openstack-neutron-vmware-0:2014.1.3-11.el7ost
  • openstack-neutron-vpn-agent-0:2014.1.3-11.el7ost
  • python-neutron-0:2014.1.3-11.el7ost
  • openstack-neutron-0:2013.2.4-6.el6ost
  • openstack-neutron-bigswitch-0:2013.2.4-6.el6ost
  • openstack-neutron-brocade-0:2013.2.4-6.el6ost
  • openstack-neutron-cisco-0:2013.2.4-6.el6ost
  • openstack-neutron-hyperv-0:2013.2.4-6.el6ost
  • openstack-neutron-linuxbridge-0:2013.2.4-6.el6ost
  • openstack-neutron-mellanox-0:2013.2.4-6.el6ost
  • openstack-neutron-metaplugin-0:2013.2.4-6.el6ost
  • openstack-neutron-metering-agent-0:2013.2.4-6.el6ost
  • openstack-neutron-midonet-0:2013.2.4-6.el6ost
  • openstack-neutron-ml2-0:2013.2.4-6.el6ost
  • openstack-neutron-nec-0:2013.2.4-6.el6ost
  • openstack-neutron-nicira-0:2013.2.4-6.el6ost
  • openstack-neutron-openvswitch-0:2013.2.4-6.el6ost
  • openstack-neutron-plumgrid-0:2013.2.4-6.el6ost
  • openstack-neutron-ryu-0:2013.2.4-6.el6ost
  • openstack-neutron-vpn-agent-0:2013.2.4-6.el6ost
  • python-neutron-0:2013.2.4-6.el6ost
refmap via4
confirm
fedora FEDORA-2015-5997
mlist [openstack-announce] 20141119 [OSSA 2014-039] Neutron DoS through invalid DNS configuration (CVE-2014-7821)
secunia 62586
xf neutron-cve20147821-dos(98818)
Last major update 13-02-2023 - 00:42
Published 24-11-2014 - 15:59
Last modified 13-02-2023 - 00:42
Back to Top