Executive Summary

Titleneutron security update
NameDSA-4409First vendor Publication2019-03-18
VendorDebianLast vendor Modification2019-03-18
Severity (Vendor) N/ARevision1

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:S/C:N/I:N/A:P)
Cvss Base Score4Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score8AuthenticationRequires single instance
Calculate full CVSS 2.0 Vectors scores


Erik Olof Gunnar Andersson discovered that incorrect validation of port settings in the iptables security group driver of Neutron, the OpenStack virtual network service, could result in denial of service in a multi tenant setup.

For the stable distribution (stretch), this problem has been fixed in version 2:9.1.1-3+deb9u1.

We recommend that you upgrade your neutron packages.

For the detailed security status of neutron please refer to its security tracker page at: https://security-tracker.debian.org/tracker/neutron

Original Source

Url : http://www.debian.org/security/2019/dsa-4409

CWE : Common Weakness Enumeration

100 %CWE-254Security Features

CPE : Common Platform Enumeration


Alert History

If you want to see full details history, please login or register.
2019-03-19 00:18:20
  • First insertion