CVE-2014-3632

The default configuration in a sudoers file in the Red Hat openstack-neutron package before 2014.1.2-4, as used in Red Hat Enterprise Linux Open Stack Platform 5.0 for Red Hat Enterprise Linux 6, allows remote attackers to gain privileges via a crafted configuration file. NOTE: this vulnerability exists because of a CVE-2013-6433 regression.

Published: Oct 7, 2014
Updated: Nov 8, 2023
CVE: CVE-2014-3632
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.6
AV:N/AC:H/Au:N/C:C/I:C/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
openstack / neutron	2014.1	2014.1.2.x

http://rhn.redhat.com/errata/RHSA-2014-1339.html

Vulnerability Database

289,697

CVE-2014-3632