CVE-2014-6414
Published: 02 October 2014
OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors.
Priority
Medium
Status
| Package | Release | Status |
|---|---|---|
|
neutron Launchpad, Ubuntu, Debian |
Upstream |
Needed
|
| Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was released [1:2014.1.3-0ubuntu1])
|
|
|
Patches: Upstream: https://review.openstack.org/#/c/123849/ (icehouse) Upstream: https://review.openstack.org/#/c/114531/ (juno) |
||
Notes
| Author | Note |
|---|---|
| mdeslaur | description is wrong, will actually be fixed in 2014.1.3 |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6414
- https://marc.info/?l=oss-security&m=141080249509239&w=2
- http://www.openwall.com/lists/oss-security/2014/09/29/12
- https://ubuntu.com/security/notices/USN-2408-1
- NVD
- Launchpad
- Debian