Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In OpenStack Neutron before 25.0.1, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. It does not apply the proper policy check for changing network tags. An unprivileged tenant is able to change (add and clear) tags on network objects that do not belong to the tenant, and this action is not subjected to the proper policy authorization check. This affects 23 before 23.2.1, 24 before 24.0.2, and 25 before 25.0.1.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenStack Neutron 安全漏洞
Vulnerability Description
OpenStack Neutron是OpenStack开源的一个 OpenStack 项目,旨在为其他 OpenStack 服务管理的接口设备之间提供服务。 OpenStack Neutron 25.0.0版本及之前版本存在安全漏洞,该漏洞源于neutron/extensions/tagging.py在策略执行期间可能会使用错误的ID。
CVSS Information
N/A
Vulnerability Type
N/A