OpenStack Neutron 18.0.0-31

CPE Details

OpenStack Neutron 18.0.0-31
openstack
neutron
18.0.0-31
2021-06-07
14h49 +00:00
2021-06-07
15h11 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:openstack:neutron:18.0.0-31:*:*:*:*:*:*:*

Informations

Vendor

openstack

Product

neutron

Version

18.0.0-31

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-3277 2023-03-06 00h00 +00:00 An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significant number of requests, this could lead to a denial of service.
6.5
Medium
CVE-2021-40797 2021-09-08 17h11 +00:00 An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. By making API requests involving nonexistent controllers, an authenticated user may cause the API worker to consume increasing amounts of memory, resulting in API performance degradation or denial of service.
6.5
Medium
CVE-2021-40085 2021-08-31 15h32 +00:00 An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value.
6.5
Medium
The information presented on CVE Find originates from several carefully selected reference sources. CVE data is provided by MITRE Corporation and the National Vulnerability Database (NVD). The Known Exploited Vulnerabilities (KEV) catalog is sourced from the Cybersecurity and Infrastructure Security Agency (CISA), while EPSS scores come from FIRST.org. Additionally, data regarding software weaknesses (CWE) and common attack patterns (CAPEC) is maintained by MITRE Corporation, and information on hardware and software configurations (CPE) is provided by the NVD.