Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2019-10876

Опубликовано: 05 апр. 2019
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4
CVSS3: 6.5

Описание

An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) firewall KeyError. All Neutron deployments utilizing neutron-openvswitch-agent are affected.

РелизСтатусПримечание
bionic

released

2:12.0.5-0ubuntu3
cosmic

released

2:13.0.2-0ubuntu3
devel

not-affected

2:14.0.0~b1~git2018120609.2e720b158b-0ubuntu2
disco

not-affected

2:14.0.0~b1~git2018120609.2e720b158b-0ubuntu2
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [code not present]]
esm-infra/bionic

released

2:12.0.5-0ubuntu3
esm-infra/xenial

not-affected

code not present
precise/esm

DNE

trusty

not-affected

code not present
trusty/esm

DNE

trusty was not-affected [code not present]

Показывать по

Ссылки на источники

EPSS

Процентиль: 70%
0.00649
Низкий

4 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2019-10876

CVSS3: 7.5
redhat
почти 7 лет назад

An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) firewall KeyError. All Neutron deployments utilizing neutron-openvswitch-agent are affected.

nvd логотип

CVE-2019-10876

CVSS3: 6.5
nvd
почти 7 лет назад

An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) firewall KeyError. All Neutron deployments utilizing neutron-openvswitch-agent are affected.

debian логотип

CVE-2019-10876

CVSS3: 6.5
debian
почти 7 лет назад

An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x ...

github логотип

GHSA-jr9m-v5qh-mh2j

CVSS3: 6.5
github
больше 3 лет назад

OpenStack Neutron overlapping security group rules prevents compute node network configuration

EPSS

Процентиль: 70%
0.00649
Низкий

4 Medium

CVSS2

6.5 Medium

CVSS3