Vulnerabilities > Openstack > Neutron > 2013.2.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-10-02 | CVE-2014-6414 | Permissions, Privileges, and Access Controls vulnerability in multiple products OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors. | 4.0 |
| 2014-07-11 | CVE-2014-4167 | Permissions, Privileges, and Access Controls vulnerability in multiple products The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (IPv4 address attachment outage) by attaching an IPv6 private subnet to a L3 router. | 3.5 |
| 2014-06-02 | CVE-2013-6433 | Permissions, Privileges, and Access Controls vulnerability in multiple products The default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows remote attackers to gain privileges via a crafted configuration file. | 7.6 |
| 2014-04-28 | CVE-2014-0187 | Permissions, Privileges, and Access Controls vulnerability in multiple products The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied. | 9.0 |