{ "threat_severity" : "Moderate", "public_date" : "2014-07-21T00:00:00Z", "bugzilla" : { "description" : "openstack-neutron: Denial of Service in Neutron allowed address pair", "id" : "1118833", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1118833" }, "cvss" : { "cvss_base_score" : "3.5", "cvss_scoring_vector" : "AV:N/AC:M/Au:S/C:N/I:N/A:P", "status" : "verified" }, "cwe" : "CWE-400", "details" : [ "OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed address pairs.", "A denial of service flaw was found in neutron's handling of allowed address pairs. As there was no enforced quota on the amount of allowed address pairs, a sufficiently authorized user could possibly create a large number of firewall rules, impacting performance or potentially rendering a compute node unusable." ], "acknowledgement" : "Red Hat would like to thank OpenStack project for reporting this issue. Upstream acknowledges Liping Mao (Cisco) as the original reporter.", "affected_release" : [ { "product_name" : "OpenStack 4 for RHEL 6", "release_date" : "2014-08-20T00:00:00Z", "advisory" : "RHSA-2014:1078", "cpe" : "cpe:/a:redhat:openstack:4::el6", "package" : "openstack-neutron-0:2013.2.3-16.el6ost" }, { "product_name" : "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6", "release_date" : "2014-09-02T00:00:00Z", "advisory" : "RHSA-2014:1120", "cpe" : "cpe:/a:redhat:openstack:5::el6", "package" : "openstack-neutron-0:2014.1.2-2.el6ost" }, { "product_name" : "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7", "release_date" : "2014-09-02T00:00:00Z", "advisory" : "RHSA-2014:1119", "cpe" : "cpe:/a:redhat:openstack:5::el7", "package" : "openstack-neutron-0:2014.1.2-2.el7ost" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2014-3555\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-3555" ], "name" : "CVE-2014-3555", "csaw" : false }