Bypassing Security Group Restrictions in OpenStack Neutron

Bypassing Security Group Restrictions in OpenStack Neutron

CVE-2014-0187 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied.

Learn more about our User Device Pen Test.