var-201501-0448
Vulnerability from variot
The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked router update processing) by creating eight routers and assigning an ipv6 non-provider subnet to each. OpenStack Neutron is prone to a local denial-of-service vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. OpenStack is a cloud platform management project jointly developed by the National Aeronautics and Space Administration (National Aeronautics and Space Administration) and Rackspace Corporation of the United States. Neutron is one of the network components that provides Network as a Service (NaaS), which can create a network between OpenStack services, connect network devices to the grid, and more. A security vulnerability exists in the L3 agent of OpenStack Neutron version 2014.2 and 2014.2.1
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201501-0448",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "neutron",
"scope": "eq",
"trust": 1.9,
"vendor": "openstack",
"version": "2014.2"
},
{
"model": "neutron",
"scope": "eq",
"trust": 1.6,
"vendor": "openstack",
"version": "2014.2.1"
},
{
"model": "router advertisement daemon",
"scope": "eq",
"trust": 1.0,
"vendor": "litech",
"version": "2.0"
},
{
"model": "router advertisement daemon",
"scope": "eq",
"trust": 0.8,
"vendor": "litech design",
"version": "2.0+"
},
{
"model": "neutron",
"scope": "eq",
"trust": 0.8,
"vendor": "openstack",
"version": "2014.2.2"
},
{
"model": "neutron",
"scope": "lt",
"trust": 0.8,
"vendor": "openstack",
"version": "2014.2.x"
},
{
"model": "neutron",
"scope": "eq",
"trust": 0.3,
"vendor": "openstack",
"version": "2014.1.2"
}
],
"sources": [
{
"db": "BID",
"id": "71961"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007685"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-209"
},
{
"db": "NVD",
"id": "CVE-2014-8153"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:litech:router_advertisement_daemon",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/a:openstack:neutron",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007685"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ihar Hrachyshka from Red Hat",
"sources": [
{
"db": "BID",
"id": "71961"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-209"
}
],
"trust": 0.9
},
"cve": "CVE-2014-8153",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "CVE-2014-8153",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"exploitabilityScore": 8.0,
"id": "VHN-76098",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "MEDIUM",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:S/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2014-8153",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2014-8153",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-201501-209",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULHUB",
"id": "VHN-76098",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76098"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007685"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-209"
},
{
"db": "NVD",
"id": "CVE-2014-8153"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The L3 agent in OpenStack Neutron 2014.2.x before 2014.2.2, when using radvd 2.0+, allows remote authenticated users to cause a denial of service (blocked router update processing) by creating eight routers and assigning an ipv6 non-provider subnet to each. OpenStack Neutron is prone to a local denial-of-service vulnerability. \nAttackers can exploit this issue to cause denial-of-service conditions. OpenStack is a cloud platform management project jointly developed by the National Aeronautics and Space Administration (National Aeronautics and Space Administration) and Rackspace Corporation of the United States. Neutron is one of the network components that provides Network as a Service (NaaS), which can create a network between OpenStack services, connect network devices to the grid, and more. A security vulnerability exists in the L3 agent of OpenStack Neutron version 2014.2 and 2014.2.1",
"sources": [
{
"db": "NVD",
"id": "CVE-2014-8153"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007685"
},
{
"db": "BID",
"id": "71961"
},
{
"db": "VULHUB",
"id": "VHN-76098"
}
],
"trust": 1.98
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2014-8153",
"trust": 2.8
},
{
"db": "BID",
"id": "71961",
"trust": 2.0
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007685",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201501-209",
"trust": 0.7
},
{
"db": "VULHUB",
"id": "VHN-76098",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76098"
},
{
"db": "BID",
"id": "71961"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007685"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-209"
},
{
"db": "NVD",
"id": "CVE-2014-8153"
}
]
},
"id": "VAR-201501-0448",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-76098"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-23T22:59:37.553000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "Bug #1398779",
"trust": 0.8,
"url": "https://bugs.launchpad.net/neutron/+bug/1398779"
},
{
"title": "Bug #1399172",
"trust": 0.8,
"url": "https://bugs.launchpad.net/neutron/+bug/1399172"
},
{
"title": "Bug 1169408",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1169408"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007685"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-20",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76098"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007685"
},
{
"db": "NVD",
"id": "CVE-2014-8153"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.0,
"url": "https://bugs.launchpad.net/neutron/+bug/1399172"
},
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/71961"
},
{
"trust": 1.7,
"url": "http://lists.openstack.org/pipermail/openstack-announce/2015-january/000320.html"
},
{
"trust": 1.7,
"url": "https://bugs.launchpad.net/neutron/+bug/1398779"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1169408"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2014-8153"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2014-8153"
},
{
"trust": 0.3,
"url": "http://www.openstack.org"
},
{
"trust": 0.3,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1180469 "
},
{
"trust": 0.3,
"url": "https://review.openstack.org/#/c/141575/"
},
{
"trust": 0.3,
"url": "https://review.openstack.org/#/c/138688/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-76098"
},
{
"db": "BID",
"id": "71961"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007685"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-209"
},
{
"db": "NVD",
"id": "CVE-2014-8153"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-76098"
},
{
"db": "BID",
"id": "71961"
},
{
"db": "JVNDB",
"id": "JVNDB-2014-007685"
},
{
"db": "CNNVD",
"id": "CNNVD-201501-209"
},
{
"db": "NVD",
"id": "CVE-2014-8153"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-01-15T00:00:00",
"db": "VULHUB",
"id": "VHN-76098"
},
{
"date": "2015-01-08T00:00:00",
"db": "BID",
"id": "71961"
},
{
"date": "2015-01-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007685"
},
{
"date": "2015-01-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-209"
},
{
"date": "2015-01-15T15:59:08.607000",
"db": "NVD",
"id": "CVE-2014-8153"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2015-01-16T00:00:00",
"db": "VULHUB",
"id": "VHN-76098"
},
{
"date": "2015-01-08T00:00:00",
"db": "BID",
"id": "71961"
},
{
"date": "2015-01-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2014-007685"
},
{
"date": "2015-01-16T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201501-209"
},
{
"date": "2024-11-21T02:18:40.333000",
"db": "NVD",
"id": "CVE-2014-8153"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201501-209"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenStack Neutron of L3 Service disruption in agents (DoS) Vulnerabilities",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2014-007685"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "input validation",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201501-209"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…