CVE-2019-10876
Description
An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) firewall KeyError. All Neutron deployments utilizing neutron-openvswitch-agent are affected.
Risk Information
Base Score
6.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.649
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2019-10876,CVE-2019-9735 are fixed in Python-neutron 11.0.7 | Windows |
| Vulnerabilities CVE-2019-10876,CVE-2019-9735 are fixed in Python-neutron 12.0.6 | Windows |
| Vulnerabilities CVE-2019-10876,CVE-2019-9735 are fixed in Python-neutron 13.0.3 | Windows |
| Vulnerabilities CVE-2019-10876,CVE-2019-9735 are fixed in Python-neutron for linux 11.0.7 | Linux |
| Vulnerabilities CVE-2019-10876,CVE-2019-9735 are fixed in Python-neutron for linux 12.0.6 | Linux |
| Vulnerabilities CVE-2019-10876,CVE-2019-9735 are fixed in Python-neutron for linux 13.0.3 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234