Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-7543

Опубликовано: 26 июл. 2018
Источник: nvd
CVSS3: 5.3
CVSS3: 5.9
CVSS2: 4.3
EPSS Низкий

Описание

A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
Версия от 7.0.0 (включая) до 7.2.0-12.1 (исключая)
cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
Версия от 8.0.0 (включая) до 8.3.0-11.1 (исключая)
cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
Версия от 9.0.0 (включая) до 9.3.1-2.1 (исключая)
cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
Версия от 10.0.0 (включая) до 10.0.2-1.1 (исключая)
Конфигурация 2

Одновременно

cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Конфигурация 3

Одновременно

cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Конфигурация 4

Одно из

cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*

EPSS

Процентиль: 65%
0.00481
Низкий

5.3 Medium

CVSS3

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-362
CWE-362

Связанные уязвимости

ubuntu логотип

CVE-2017-7543

CVSS3: 5.3
ubuntu
больше 7 лет назад

A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources.

redhat логотип

CVE-2017-7543

CVSS3: 5.3
redhat
больше 8 лет назад

A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources.

debian логотип

CVE-2017-7543

CVSS3: 5.3
debian
больше 7 лет назад

A race-condition flaw was discovered in openstack-neutron before 7.2.0 ...

github логотип

GHSA-hvxr-2fvv-c3wq

CVSS3: 5.9
github
больше 3 лет назад

OpenStack Neutron Race Condition vulnerability

EPSS

Процентиль: 65%
0.00481
Низкий

5.3 Medium

CVSS3

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-362
CWE-362