CVE-2014-4167

The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (IPv4 address attachment outage) by attaching an IPv6 private subnet to a L3 router.

Published: Jul 11, 2014
Updated: Apr 13, 2023
CVE: CVE-2014-4167
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 3.5
AV:N/AC:M/Au:S/C:N/I:N/A:P

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
openstack / neutron	2011.1	2013.2.3.x
openstack / neutron	2014.1	2014.1.x
openstack / neutron	2014.1.1	2014.1.1.x
canonical / ubuntu_linux	13.10	13.10.x
canonical / ubuntu_linux	14.04	14.04.x

http://seclists.org/oss-sec/2014/q2/572
http://secunia.com/advisories/59533
http://www.ubuntu.com/usn/USN-2255-1
https://bugs.launchpad.net/neutron/+bug/1309195

Vulnerability Database

289,697

CVE-2014-4167