CVE-2014-3703CVE-2014-3703

Affected configuration(s):

cpe:/a:redhat:packstack:2012.2.1

Date published: 2014-12-01T20:59:03.653-05:00

Date last modified: 2014-12-05T11:01:40.467-05:00

CVSS Score: 5.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://rhn.redhat.com/errata/RHSA-2014-1691.html

Summary: OpenStack PackStack 2012.2.1, when the Open vSwitch (OVS) monolithic plug-in is not used, does not properly set the libvirt_vif_driver configuration option when generating the nova.conf configuration, which causes the firewall to be disabled and allows remote attackers to bypass intended access restrictions.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *