漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources.
CVSS Information
N/A
Vulnerability Type
使用共享资源的并发执行不恰当同步问题(竞争条件)
Vulnerability Title
openstack-neutron 竞争条件漏洞
Vulnerability Description
OpenStack是美国美国国家航空航天局(NASA)的一个云平台管理项目。 openstack-neutron存在竞争条件问题漏洞。攻击者利用该漏洞可以访问暴露的用户VM和网络资源。
CVSS Information
N/A
Vulnerability Type
N/A