Home > Vulnerability Database > CVE-2015-3221

Mend.io Vulnerability Database

CVE-2015-3221

Date: August 26, 2015

OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.

Language: Python

Severity Score

4.3

Related Resources (12)

Url: https://access.redhat.com/security/cve/CVE-2015-3221

Url: https://nvd.nist.gov/vuln/detail/CVE-2015-3221

Url: http://www.securityfocus.com/bid/75368

Url: http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html

Url: https://opendev.org/openstack/neutron

Url: https://git.openstack.org/cgit/openstack/neutron/commit/?id=9ff6138c47c95034ba845e9448ddffd147b51f38

Url: http://rhn.redhat.com/errata/RHSA-2015-1680.html

Url: https://web.archive.org/web/20200228084753/http://www.securityfocus.com/bid/75368

Url: https://access.redhat.com/errata/RHSA-2015:1680

Url: https://bugs.launchpad.net/neutron/+bug/1461054

Url: https://bugzilla.redhat.com/show_bug.cgi?id=1232284

Url: https://www.mend.io/vulnerability-database/CVE-2015-3221

Severity Score

4.3

Weakness Type (CWE)

Improper Input Validation

CWE-20

CVSS v3.1

Base Score:	4.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

CVSS v2

Base Score:	4.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	SINGLE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2015-3221

Date: August 26, 2015

Language: Python

Severity Score

Related Resources (12)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?