exploitDog

CVE-2014-3703

Опубликовано: 02 дек. 2014

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

OpenStack PackStack 2012.2.1, when the Open vSwitch (OVS) monolithic plug-in is not used, does not properly set the libvirt_vif_driver configuration option when generating the nova.conf configuration, which causes the firewall to be disabled and allows remote attackers to bypass intended access restrictions.

Ссылки

http://rhn.redhat.com/errata/RHSA-2014-1691.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2014-1691.html
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:redhat:packstack:2012.2.1:*:*:*:*:*:*:*

EPSS

Процентиль: 58%

0.00363

Низкий

5 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

CVE-2014-3703

redhat

больше 11 лет назад

OpenStack PackStack 2012.2.1, when the Open vSwitch (OVS) monolithic plug-in is not used, does not properly set the libvirt_vif_driver configuration option when generating the nova.conf configuration, which causes the firewall to be disabled and allows remote attackers to bypass intended access restrictions.

GHSA-47pg-jr9r-j5r6

github

больше 3 лет назад

OpenStack PackStack 2012.2.1, when the Open vSwitch (OVS) monolithic plug-in is not used, does not properly set the libvirt_vif_driver configuration option when generating the nova.conf configuration, which causes the firewall to be disabled and allows remote attackers to bypass intended access restrictions.

EPSS

Процентиль: 58%

0.00363

Низкий

5 Medium

CVSS2

Дефекты

CWE-264