Описание
Barclamp (aka barclamp-network) 1.7 for the Crowbar Framework, as used in SUSE Cloud 3, does not enable netfilter on bridges when creating new instances, which allows remote attackers to bypass security group restrictions via unspecified vectors, related to floating IPs.
Ссылки
- PatchVendor Advisory
- Vendor Advisory
- PatchVendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:a:crowbar:barclamp:1.7:*:*:*:*:*:*:*
cpe:2.3:a:novell:suse_cloud:3.0:*:*:*:*:*:*:*
EPSS
Процентиль: 57%
0.00352
Низкий
7.5 High
CVSS2
Дефекты
CWE-264
Связанные уязвимости
github
больше 3 лет назад
Barclamp (aka barclamp-network) 1.7 for the Crowbar Framework, as used in SUSE Cloud 3, does not enable netfilter on bridges when creating new instances, which allows remote attackers to bypass security group restrictions via unspecified vectors, related to floating IPs.
EPSS
Процентиль: 57%
0.00352
Низкий
7.5 High
CVSS2
Дефекты
CWE-264