Vulnerability Details : CVE-2014-6414
OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors.
Exploit prediction scoring system (EPSS) score for CVE-2014-6414
Probability of exploitation activity in the next 30 days: 0.19%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 56 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-6414
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.0
|
MEDIUM | AV:N/AC:L/Au:S/C:N/I:P/A:N |
8.0
|
2.9
|
NIST |
CWE ids for CVE-2014-6414
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-6414
-
http://www.openwall.com/lists/oss-security/2014/09/15/5
oss-security - CVE request for vulnerability in OpenStack NeutronMailing List;Third Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2014-1785.html
RHSA-2014:1785 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2014-1686.html
RHSA-2014:1686 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.ubuntu.com/usn/USN-2408-1
USN-2408-1: OpenStack Neutron vulnerability | Ubuntu security noticesThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2014-1786.html
RHSA-2014:1786 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://bugs.launchpad.net/neutron/+bug/1357379
Bug #1357379 “[OSSA 2014-031] policy admin_only rules not enforc...” : Bugs : neutronPatch;Third Party Advisory
-
http://secunia.com/advisories/62299
Sign inThird Party Advisory
Products affected by CVE-2014-6414
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*