Detections
Analytics

CVE-2014-7821

medium

Description

OpenStack Neutron before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (crash) via a crafted dns_nameservers value in the DNS configuration.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/98818

https://bugs.launchpad.net/neutron/+bug/1378450

http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html

http://secunia.com/advisories/62586

http://rhn.redhat.com/errata/RHSA-2015-0044.html

http://rhn.redhat.com/errata/RHSA-2014-1942.html

http://rhn.redhat.com/errata/RHSA-2014-1938.html

http://lists.openstack.org/pipermail/openstack-announce/2014-November/000303.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155351.html

Details

Source: Mitre, NVD

Published: 2014-11-24

Updated: 2023-02-13

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium