Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2021-20267

Опубликовано: 28 мая 2021
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5.5
CVSS3: 7.1

Описание

A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some cases possibly interception of traffic intended for other destinations. Only deployments using the Open vSwitch driver are affected. Source: OpenStack project. Versions before openstack-neutron 15.3.3, openstack-neutron 16.3.1 and openstack-neutron 17.1.1 are affected.

РелизСтатусПримечание
bionic

released

2:12.1.1-0ubuntu8.1
devel

not-affected

2:18.1.0+git2021072117.147830620f-0ubuntu2
esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

2:12.1.1-0ubuntu8.1
esm-infra/focal

released

2:16.4.2-0ubuntu6.2
esm-infra/xenial

needed

focal

released

2:16.4.2-0ubuntu6.2
groovy

ignored

end of life
hirsute

ignored

end of life
impish

not-affected

2:18.1.0+git2021072117.147830620f-0ubuntu2

Показывать по

Ссылки на источники

EPSS

Процентиль: 32%
0.00123
Низкий

5.5 Medium

CVSS2

7.1 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2021-20267

CVSS3: 7.1
redhat
больше 5 лет назад

A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some cases possibly interception of traffic intended for other destinations. Only deployments using the Open vSwitch driver are affected. Source: OpenStack project. Versions before openstack-neutron 15.3.3, openstack-neutron 16.3.1 and openstack-neutron 17.1.1 are affected.

nvd логотип

CVE-2021-20267

CVSS3: 7.1
nvd
больше 4 лет назад

A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some cases possibly interception of traffic intended for other destinations. Only deployments using the Open vSwitch driver are affected. Source: OpenStack project. Versions before openstack-neutron 15.3.3, openstack-neutron 16.3.1 and openstack-neutron 17.1.1 are affected.

debian логотип

CVE-2021-20267

CVSS3: 7.1
debian
больше 4 лет назад

A flaw was found in openstack-neutron's default Open vSwitch firewall ...

github логотип

GHSA-w8hx-f868-pvch

CVSS3: 7.1
github
больше 3 лет назад

Openstack Neutron has Insufficient Verification of IPv6 addresses

fstec логотип

BDU:2021-04649

CVSS3: 7.1
fstec
больше 5 лет назад

Уязвимость правил брандмауэра Open vSwitch сетевого сервиса Neutron, связанная с недостаточной проверкой подлинности данных, позволяющая нарушителю получить доступ к конфиденциальным данным, а также вызвать отказ в обслуживании

EPSS

Процентиль: 32%
0.00123
Низкий

5.5 Medium

CVSS2

7.1 High

CVSS3