Multiple vulnerabilities in Openstack Neutron



Published: 2021-10-12
Risk Low
Patch available YES
Number of vulnerabilities 2
CVE-ID CVE-2021-40085
CVE-2021-38598
CWE-ID CWE-284
CWE-862
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
openstack-neutron
Client/Desktop applications / Other client software

Vendor Openstack

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Improper access control

EUVDB-ID: #VU57242

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-40085

CWE-ID: CWE-284 - Improper Access Control

Exploit availability: No

Description

The vulnerability allows a remote user to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A remote user can bypass implemented security restrictions and reconfigure dnsmasq via a crafted extra_dhcp_opts value.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

openstack-neutron: 18.0.0 - 18.1.0, 17.0.0 - 17.2.0, 16.0.0 - 16.4.0


CPE2.3 External links

http://security.openstack.org/ossa/OSSA-2021-005.html
http://launchpad.net/bugs/1939733
http://www.openwall.com/lists/oss-security/2021/08/31/2
http://lists.debian.org/debian-lts-announce/2021/10/msg00005.html
http://www.debian.org/security/2021/dsa-4983

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?

2) Missing Authorization

EUVDB-ID: #VU57243

Risk: Low

CVSSv3.1:

CVE-ID: CVE-2021-38598

CWE-ID: CWE-862 - Missing Authorization

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to missing authorization when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. A remote attacker in control of a server instance connected to the virtual switch can send specially crafted packets to impersonate the hardware addresses of other systems on the network.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

openstack-neutron: 17.0.0 - 17.1.2, 16.0.0 - 16.4.0


CPE2.3 External links

http://launchpad.net/bugs/1938670

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?



###SIDEBAR###