{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-07-21T00:00:00", "descriptions": [{"lang": "en", "value": "OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed address pairs."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-01-04T20:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "60804", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/60804"}, {"name": "RHSA-2014:1120", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2014-1120.html"}, {"name": "68765", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/68765"}, {"name": "60766", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/60766"}, {"name": "[oss-security] 20140721 [OSSA 2014-025] Denial of Service in Neutron allowed address pair (CVE-2014-3555)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://seclists.org/oss-sec/2014/q3/200"}, {"name": "RHSA-2014:1119", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2014-1119.html"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.launchpad.net/neutron/+bug/1336207"}, {"name": "[openstack-announce] 20140721 [OSSA 2014-025] Denial of Service in Neutron allowed address pair (CVE-2014-3555)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://lists.openstack.org/pipermail/openstack-announce/2014-July/000255.html"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T10:50:17.233Z"}, "title": "CVE Program Container", "references": [{"name": "60804", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/60804"}, {"name": "RHSA-2014:1120", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2014-1120.html"}, {"name": "68765", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/68765"}, {"name": "60766", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/60766"}, {"name": "[oss-security] 20140721 [OSSA 2014-025] Denial of Service in Neutron allowed address pair (CVE-2014-3555)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://seclists.org/oss-sec/2014/q3/200"}, {"name": "RHSA-2014:1119", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2014-1119.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.launchpad.net/neutron/+bug/1336207"}, {"name": "[openstack-announce] 20140721 [OSSA 2014-025] Denial of Service in Neutron allowed address pair (CVE-2014-3555)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://lists.openstack.org/pipermail/openstack-announce/2014-July/000255.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2014-3555", "datePublished": "2014-07-23T14:00:00", "dateReserved": "2014-05-14T00:00:00", "dateUpdated": "2024-08-06T10:50:17.233Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openstack:neutron:2013.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "8F3E5F33-1431-479F-A23C-7E77A0ACFAE1", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*", "matchCriteriaId": "5EC034B0-18F8-4227-8EB3-F7109D2F8FC1", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:neutron:2014.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "2F31A01D-02ED-4DC2-9F9A-6A592D120D7C", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:neutron:juno-1:*:*:*:*:*:*:*", "matchCriteriaId": "42478891-BCFB-4A71-84C0-889E0D2DA218", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed address pairs."}, {"lang": "es", "value": "OpenStack Neutron anterior a 2013.2.4, 2014.x anterior a 2014.1.2 y Juno anterior a Juno-2 permite a usuarios remotos autenticados causar una denegaci\u00f3n de servicio (ca\u00edda o actualizaciones de normas largas de firewall) mediante la creaci\u00f3n de un n\u00famero grande de parejas de direcciones permitidas."}], "id": "CVE-2014-3555", "lastModified": "2025-04-12T10:46:40.837", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-07-23T14:55:05.930", "references": [{"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://lists.openstack.org/pipermail/openstack-announce/2014-July/000255.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2014-1119.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2014-1120.html"}, {"source": "secalert@redhat.com", "url": "http://seclists.org/oss-sec/2014/q3/200"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/60766"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/60804"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/68765"}, {"source": "secalert@redhat.com", "url": "https://bugs.launchpad.net/neutron/+bug/1336207"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://lists.openstack.org/pipermail/openstack-announce/2014-July/000255.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2014-1119.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2014-1120.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://seclists.org/oss-sec/2014/q3/200"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/60766"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/60804"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/68765"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugs.launchpad.net/neutron/+bug/1336207"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank OpenStack project for reporting this issue. Upstream acknowledges Liping Mao (Cisco) as the original reporter.", "affected_release": [{"advisory": "RHSA-2014:1078", "cpe": "cpe:/a:redhat:openstack:4::el6", "package": "openstack-neutron-0:2013.2.3-16.el6ost", "product_name": "OpenStack 4 for RHEL 6", "release_date": "2014-08-20T00:00:00Z"}, {"advisory": "RHSA-2014:1120", "cpe": "cpe:/a:redhat:openstack:5::el6", "package": "openstack-neutron-0:2014.1.2-2.el6ost", "product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6", "release_date": "2014-09-02T00:00:00Z"}, {"advisory": "RHSA-2014:1119", "cpe": "cpe:/a:redhat:openstack:5::el7", "package": "openstack-neutron-0:2014.1.2-2.el7ost", "product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7", "release_date": "2014-09-02T00:00:00Z"}], "bugzilla": {"description": "openstack-neutron: Denial of Service in Neutron allowed address pair", "id": "1118833", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1118833"}, "csaw": false, "cvss": {"cvss_base_score": "3.5", "cvss_scoring_vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P", "status": "verified"}, "cwe": "CWE-400", "details": ["OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed address pairs.", "A denial of service flaw was found in neutron's handling of allowed address pairs. As there was no enforced quota on the amount of allowed address pairs, a sufficiently authorized user could possibly create a large number of firewall rules, impacting performance or potentially rendering a compute node unusable."], "name": "CVE-2014-3555", "public_date": "2014-07-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-3555\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-3555"], "threat_severity": "Moderate"}