Date published: 2014-12-01T20:59:03.653-05:00
Date last modified: 2014-12-05T11:01:40.467-05:00
CVSS Score: 5.0
Principal attack vector: NETWORK
Reference URL: http://rhn.redhat.com/errata/RHSA-2014-1691.html
Summary: OpenStack PackStack 2012.2.1, when the Open vSwitch (OVS) monolithic plug-in is not used, does not properly set the libvirt_vif_driver configuration option when generating the nova.conf configuration, which causes the firewall to be disabled and allows remote attackers to bypass intended access restrictions.