CVE-2016-5363

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2016-5363

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-5363.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2016-5363

Aliases

GHSA-9pp3-cvmq-9p22

Related

Published

2016-06-17T15:59:04Z

Modified

2024-10-12T02:02:18.354043Z

Severity

8.2 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H CVSS Calculator

Summary

[none]

Details

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via (1) a crafted DHCP discovery message or (2) crafted non-IP traffic.

References

Affected packages

Debian:11 / neutron

Package

Name: neutron
Purl: pkg:deb/debian/neutron?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:8.1.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / neutron

Package

Name: neutron
Purl: pkg:deb/debian/neutron?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:8.1.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / neutron

Package

Name: neutron
Purl: pkg:deb/debian/neutron?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2:8.1.2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/openstack/neutron

Affected ranges

Type: GIT
Repo: https://github.com/openstack/neutron
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

197b188ea8bfdfd023b2da3b7572e9387568c500

Last affected

28961debfbfc906bca2580f37e21870d59ea90df

Last affected

30b53c9cc5d1bc8bce3c5d5cda7856e28098d18b

Last affected

3213eb124e40b130e174ac3a91067e2b196788dd

Last affected

6dcfe3a9362ae5fcf18e5cfb59663e43446cd59c

Last affected

a323769143001d67fd1b3b4ba294e59accd09e0e

Last affected

b80fa23ac0b292db84df84855141eb16a4e0fec0

Affected versions

2011.*

2011.3

2013.*

2013.1.g3

2013.2.b2

2013.2.rc1

2014.*

2014.1.b1

2014.1.b2

2014.1.b3

2014.1.rc1

2014.2

2014.2.b1

2014.2.b2

2014.2.b3

2014.2.rc1

2014.2.rc2

2014.2.rc3

2015.*

2015.1.0

2015.1.0b1

2015.1.0b2

2015.1.0b3

2015.1.0rc1

2015.1.0rc2

2015.1.0rc3

7.*

7.0.0

7.0.0.0b1

7.0.0.0b2

7.0.0.0b3

7.0.0.0rc1

7.0.0.0rc2

7.0.0.0rc3

7.0.0a0

8.*

8.0.0

8.0.0.0b1

8.0.0.0b2

8.0.0.0b3

8.0.0.0rc1

8.0.0.0rc2

8.0.0.0rc3

Other

diablo-eol

essex-1

essex-3

folsom-1

folsom-3

grizzly-1