← back
CVE-2015-3221

CVE-2015-3221

EPSS 11.3%
OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.
Affected products
n/a · n/a
public PoCs found1
exploitdbwww.exploit-db.com/exploits/37360unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.htmlhttp://rhn.redhat.com/errata/RHSA-2015-1680.htmlhttps://bugs.launchpad.net/neutron/+bug/1461054http://www.securityfocus.com/bid/75368