CVE-2019-10876

{"id": "CVE-2019-10876", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2019-04-05T05:29:03.187", "references": [{"url": "http://www.openwall.com/lists/oss-security/2019/04/09/2", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://access.redhat.com/errata/RHSA-2019:0879", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://access.redhat.com/errata/RHSA-2019:0935", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://bugs.launchpad.net/ossa/+bug/1813007", "tags": ["Issue Tracking", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://review.openstack.org/#/q/topic:bug/1813007", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://security.openstack.org/ossa/OSSA-2019-002.html", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) firewall KeyError. All Neutron deployments utilizing neutron-openvswitch-agent are affected."}, {"lang": "es", "value": "Se ha descubierto un problema en OpenStack Neutron, en las versiones 11.x anteriores a la 11.0.7, en las 12.x anteriores a la 12.0.6 y en las 13.x anteriores a la 13.0.3. Al crear dos grupos de seguridad con rangos de puertos separados/solapados, un usuario autenticado podr\u00eda impedir que Neutron sea capaz de configurar las redes en cualquier nodo de c\u00e1lculo donde se encuentran dichos grupos de seguridad, debido a un error de claves en el firewall de Open vSwitch (OVS). Se han visto afectados todos los despliegues de Neutron que utilizan neutron-openvswitch-agent."}], "lastModified": "2021-08-04T17:15:13.067", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "65070BD7-7C03-4E26-90BF-AB8675C3C388", "versionEndExcluding": "11.0.7", "versionStartIncluding": "11.0.0"}, {"criteria": "cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E4586EA4-A2C5-40A7-A06E-4411B902E97F", "versionEndExcluding": "12.0.6", "versionStartIncluding": "12.0.0"}, {"criteria": "cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "39624A61-9AE1-4304-882F-35AF5198DDA5", "versionEndExcluding": "13.0.3", "versionStartIncluding": "13.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "704CFA1A-953E-4105-BFBE-406034B83DED"}, {"criteria": "cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB7F358B-5E56-41AB-BB8A-23D3CB7A248B"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}