Vulnerabilities > Openstack > Neutron > 2014.1.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-10-02 | CVE-2014-6414 | Permissions, Privileges, and Access Controls vulnerability in multiple products OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors. | 4.0 |
2014-08-19 | CVE-2014-4615 | Information Exposure vulnerability in multiple products The notifier middleware in OpenStack PyCADF 0.5.0 and earlier, Telemetry (Ceilometer) 2013.2 before 2013.2.4 and 2014.x before 2014.1.2, Neutron 2014.x before 2014.1.2 and Juno before Juno-2, and Oslo allows remote authenticated users to obtain X_AUTH_TOKEN values by reading the message queue (v2/meters/http.request). | 5.0 |
2014-07-11 | CVE-2014-4167 | Permissions, Privileges, and Access Controls vulnerability in multiple products The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (IPv4 address attachment outage) by attaching an IPv6 private subnet to a L3 router. | 3.5 |