Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from outside of the allowed allocation pool. Versions of openstack-neutron before 13.0.0.0b2, 12.0.3 and 11.0.5 are vulnerable.
CVSS Information
N/A
Vulnerability Type
输入验证不恰当
Vulnerability Title
Openstack-neutron 安全漏洞
Vulnerability Description
OpenStack是美国国家航空航天局(National Aeronautics and Space Administration)和美国Rackspace公司合作研发的一个云平台管理项目。openstack-neutron是其中的一个用于提供网络服务的组件。 Openstack-neutron 13.0.0.0b2之前版本、12.0.3版本和11.0.5版本中存在安全漏洞,该漏洞源于当使用Linux bridge ml2驱动程序时无权限的租户能够不指定IP地址就创建和附加端口。攻击者可利用该漏洞造成拒绝
CVSS Information
N/A
Vulnerability Type
N/A