FKIE_CVE-2014-0187

Vulnerability from fkie_nvd - Published: 2014-04-28 14:09 - Updated: 2025-04-12 10:46
Severity ?
Summary
The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied.
References
secalert@redhat.comhttp://lists.opensuse.org/opensuse-updates/2014-08/msg00035.html
secalert@redhat.comhttp://secunia.com/advisories/59533
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2014/04/22/8
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2255-1
secalert@redhat.comhttps://bugs.launchpad.net/neutron/+bug/1300785Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-08/msg00035.html
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59533
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2014/04/22/8
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2255-1
af854a3a-2127-422b-91ae-364da2661108https://bugs.launchpad.net/neutron/+bug/1300785Vendor Advisory
Impacted products
Vendor Product Version
openstack neutron 2013.1
openstack neutron 2013.1.1
openstack neutron 2013.1.2
openstack neutron 2013.1.3
openstack neutron 2013.1.4
openstack neutron 2013.1.5
openstack neutron 2013.2
openstack neutron 2013.2.1
openstack neutron 2013.2.2
openstack neutron 2013.2.3
openstack neutron 2014.1
canonical ubuntu_linux 13.04
canonical ubuntu_linux 14.04
opensuse opensuse 13.1
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openstack:neutron:2013.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "22D37364-1253-495F-A3E0-CA4CEFBF2587",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openstack:neutron:2013.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "49D7F58E-536B-4E57-B02E-AB2A39AA4EAF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openstack:neutron:2013.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "81C24D0C-8F7B-48D3-825C-AC3ACD87F461",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openstack:neutron:2013.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0774CBBB-8DF6-468F-AFD9-0C0FE314FF10",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openstack:neutron:2013.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "2CCC7C3A-8E5B-447B-B339-1328C6DDDF9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openstack:neutron:2013.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3AE37F27-FCDA-413C-8A3C-B3ED56BB7A37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openstack:neutron:2013.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5EFDBB0-BCCD-42C4-ADFB-1C92BD5E9537",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openstack:neutron:2013.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6772F036-DD92-40C4-AAAA-227BD41162FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openstack:neutron:2013.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B90A2150-AAC4-468E-ABF6-59071E02D911",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openstack:neutron:2013.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B77F147E-3FD8-40C9-9BB0-C7F27EC1E59B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5EC034B0-18F8-4227-8EB3-F7109D2F8FC1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
              "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A10BC294-9196-425F-9FB0-B1625465B47F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied."
    },
    {
      "lang": "es",
      "value": "El proceso openvswitch-agent en OpenStack Neutron 2013.1 anterior a 2013.2.4 y 2014.1 anterior a 2014.1.1 permite a usuarios remotos autenticados evadir restricciones de seguridad de grupo a trav\u00e9s de un CIDR invalido en una regla de seguridad de grupo, lo que previene que se aplican m\u00e1s reglas."
    }
  ],
  "id": "CVE-2014-0187",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "SINGLE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-04-28T14:09:06.237",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00035.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59533"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2014/04/22/8"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-2255-1"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugs.launchpad.net/neutron/+bug/1300785"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-08/msg00035.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59533"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2014/04/22/8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-2255-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://bugs.launchpad.net/neutron/+bug/1300785"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-264"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.