Vulnerabilities > Openstack > Neutron > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-08-23 | CVE-2021-38598 | Authentication Bypass by Spoofing vulnerability in Openstack Neutron OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. | 9.1 |
2014-04-28 | CVE-2014-0187 | Permissions, Privileges, and Access Controls vulnerability in multiple products The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied. | 9.0 |