CVE-2016-5363

Опубликовано: 29 мар. 2016

Источник: redhat

CVSS3: 6.3

CVSS2: 6.5

EPSS Низкий

Описание

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via (1) a crafted DHCP discovery message or (2) crafted non-IP traffic.

Neutron functionality includes internal firewall management between networks. Due to the relaxed nature of particular rules, it is possible for machines on the same layer 2 networks to forge non-IP traffic, such as ARP and DHCP requests.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)	openstack-neutron	Will not fix
Red Hat Enterprise Linux OpenStack Platform 6 (Juno)	openstack-neutron	Will not fix
Red Hat OpenStack Platform 10 (Newton)	openstack-neutron	Not affected
Red Hat OpenStack Platform 9 (Mitaka)	openstack-neutron	Affected
Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7	openstack-neutron	Fixed	RHSA-2016:1474	20.07.2016
Red Hat OpenStack Platform 8.0 (Liberty)	openstack-neutron	Fixed	RHSA-2016:1473	20.07.2016

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low

https://bugzilla.redhat.com/show_bug.cgi?id=1345891openstack-neutron: MAC source address spoofing vulnerability

EPSS

Процентиль: 89%

0.04749

Низкий

6.3 Medium

CVSS3

6.5 Medium

CVSS2

Связанные уязвимости

CVE-2016-5363

CVSS3: 8.2

ubuntu

больше 9 лет назад

CVE-2016-5363

CVSS3: 8.2

nvd

больше 9 лет назад

CVE-2016-5363

CVSS3: 8.2

debian

больше 9 лет назад

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 thro ...

GHSA-9pp3-cvmq-9p22

CVSS3: 8.2

github

больше 3 лет назад

OpenStack Neutron Intended MAC-spoofing protection mechanism bypass

EPSS

Процентиль: 89%

0.04749

Низкий

6.3 Medium

CVSS3

6.5 Medium

CVSS2