Vulnerabilities > CVE-2019-10876

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

openstack

redhat

NVD

Published: 2019-04-05

Updated: 2021-08-04

Summary

An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) firewall KeyError. All Neutron deployments utilizing neutron-openvswitch-agent are affected.

Vulnerable Configurations

Part	Description	Count
Application	Openstack Openstack Neutron 11.0.0 Openstack Neutron 11.0.1 Openstack Neutron 11.0.2 Openstack Neutron 11.0.3 Openstack Neutron 11.0.4 Openstack Neutron 11.0.5 Openstack Neutron 11.0.5-50 Openstack Neutron 11.0.6 Openstack Neutron 12.0.0 Openstack Neutron 12.0.1 Openstack Neutron 12.0.2 Openstack Neutron 12.0.3 Openstack Neutron 12.0.4 Openstack Neutron 12.0.5 Openstack Neutron 13.0.0 Openstack Neutron 13.0.0.0 Openstack Neutron 13.0.1 Openstack Neutron 13.0.2	19
Application	Redhat Redhat Openstack 14 Redhat Openstack 13	2

Redhat

advisories

rhsa
id RHSA-2019:0879
rhsa
id RHSA-2019:0935

rpms

openstack-neutron-1:13.0.3-0.20190313155649.00b63be.el7ost
openstack-neutron-common-1:13.0.3-0.20190313155649.00b63be.el7ost
openstack-neutron-linuxbridge-1:13.0.3-0.20190313155649.00b63be.el7ost
openstack-neutron-macvtap-agent-1:13.0.3-0.20190313155649.00b63be.el7ost
openstack-neutron-metering-agent-1:13.0.3-0.20190313155649.00b63be.el7ost
openstack-neutron-ml2-1:13.0.3-0.20190313155649.00b63be.el7ost
openstack-neutron-openvswitch-1:13.0.3-0.20190313155649.00b63be.el7ost
openstack-neutron-rpc-server-1:13.0.3-0.20190313155649.00b63be.el7ost
openstack-neutron-sriov-nic-agent-1:13.0.3-0.20190313155649.00b63be.el7ost
python-neutron-1:13.0.3-0.20190313155649.00b63be.el7ost
openstack-neutron-1:12.0.5-11.el7ost
openstack-neutron-common-1:12.0.5-11.el7ost
openstack-neutron-linuxbridge-1:12.0.5-11.el7ost
openstack-neutron-macvtap-agent-1:12.0.5-11.el7ost
openstack-neutron-metering-agent-1:12.0.5-11.el7ost
openstack-neutron-ml2-1:12.0.5-11.el7ost
openstack-neutron-openvswitch-1:12.0.5-11.el7ost
openstack-neutron-rpc-server-1:12.0.5-11.el7ost
openstack-neutron-sriov-nic-agent-1:12.0.5-11.el7ost
python-neutron-1:12.0.5-11.el7ost

Vulnerabilities > CVE-2019-10876 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"CVE-2019-10876"}]}

Summary

Vulnerable Configurations

Redhat

References

Vulnerabilities > CVE-2019-10876