U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:openstack:neutron:2013.2.3:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 5 matching records.
Displaying matches 1 through 5.
Vuln ID Summary CVSS Severity
CVE-2014-7821

OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (crash) via a crafted dns_nameservers value in the DNS configuration.

Published: November 24, 2014; 10:59:02 AM -0500 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 4.0 MEDIUM
CVE-2014-6414

OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors.

Published: October 02, 2014; 10:55:04 AM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 4.0 MEDIUM
CVE-2014-4167

The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (IPv4 address attachment outage) by attaching an IPv6 private subnet to a L3 router.

Published: July 11, 2014; 10:55:04 AM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 3.5 LOW
CVE-2013-6433

The default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows remote attackers to gain privileges via a crafted configuration file.

Published: June 02, 2014; 11:55:10 AM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 7.6 HIGH
CVE-2014-0187

The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied.

Published: April 28, 2014; 10:09:06 AM -0400 		V4.0:(not available)
 V3.x:(not available)
 V2.0: 9.0 HIGH