Vulnerability Description
OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors.
CVSS Score
4.0
MEDIUM
AV:N/AC:L/Au:S/C:N/I:P/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openstack | Neutron | >= 2013.2, <= 2013.2.4 |
| Canonical | Ubuntu Linux | 14.04 |
Related Weaknesses (CWE)
References
- http://rhn.redhat.com/errata/RHSA-2014-1686.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2014-1785.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2014-1786.htmlThird Party Advisory
- http://secunia.com/advisories/62299Third Party Advisory
- http://www.openwall.com/lists/oss-security/2014/09/15/5Mailing ListThird Party Advisory
- http://www.ubuntu.com/usn/USN-2408-1Third Party Advisory
- https://bugs.launchpad.net/neutron/+bug/1357379PatchThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2014-1686.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2014-1785.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2014-1786.htmlThird Party Advisory
- http://secunia.com/advisories/62299Third Party Advisory
- http://www.openwall.com/lists/oss-security/2014/09/15/5Mailing ListThird Party Advisory
- http://www.ubuntu.com/usn/USN-2408-1Third Party Advisory
- https://bugs.launchpad.net/neutron/+bug/1357379PatchThird Party Advisory
FAQ
What is CVE-2014-6414?
CVE-2014-6414 is a vulnerability with a CVSS score of 4.0 (MEDIUM). OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors.
How severe is CVE-2014-6414?
CVE-2014-6414 has been rated MEDIUM with a CVSS base score of 4.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-6414?
Check the references section above for vendor advisories and patch information. Affected products include: Openstack Neutron, Canonical Ubuntu Linux.