[openstack-announce] [OSSA 2014-008] Routers can be cross plugged by other tenants (CVE-2014-0056)

Grant Murphy gmurphy at redhat.com
Thu Mar 27 15:48:48 UTC 2014

OpenStack Security Advisory: 2014-008
CVE: CVE-2014-0056
Date: March 27, 2014
Title: Routers can be cross plugged by other tenants
Reporter: Aaron Rosen (VMware)
Products: Neutron
Affects: 2012.2 versions up to 2013.2.2

Aaron Rosen from VMware reported a vulnerability where Neutron fails to
perform proper authorization checks when creating ports. By choosing a
device id of a router from a different tenant when creating a port, an
authenticated user can access the network of other tenants. This affects
deployments of Neutron using plugins relying on the l3-agent.

Icehouse (development branch) fix: 

Havana fix: 

One should perform an audit of the ports that are already attached to
routers after applying this patch and remove ports that a tenant may
have cross plugged.


Grant Murphy
OpenStack Vulnerability Management Team
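
The post-patch audit recommended above can be scripted as follows. This is an added example, not part of the original advisory or of Neutron's code. It assumes router and port records exported as JSON with the `id`, `tenant_id`, `device_id` and `device_owner` fields of the Neutron v2.0 API; the sample records are constructed, and treating ports with an empty `tenant_id` as service-created is an assumption.

```python
import json

# Constructed sample data, shaped like the Neutron v2.0 "routers" and "ports"
# list responses (only the fields the audit needs). All IDs are made up.
ROUTERS_JSON = """[
  {"id": "router-a", "tenant_id": "tenant-a"},
  {"id": "router-b", "tenant_id": "tenant-b"}
]"""
PORTS_JSON = """[
  {"id": "port-1", "tenant_id": "tenant-a", "device_id": "router-a",
   "device_owner": "network:router_interface", "network_id": "net-a"},
  {"id": "port-2", "tenant_id": "tenant-b", "device_id": "router-a",
   "device_owner": "network:router_interface", "network_id": "net-b"},
  {"id": "port-3", "tenant_id": "", "device_id": "router-b",
   "device_owner": "network:router_gateway", "network_id": "net-ext"},
  {"id": "port-4", "tenant_id": "tenant-b", "device_id": "vm-1",
   "device_owner": "compute:nova", "network_id": "net-b"}
]"""


def audit_router_ports(routers, ports):
    """Return (cross_plugged, unowned) lists of findings.

    cross_plugged: port attached to a router owned by a different tenant.
    unowned: port attached to a router but carrying no tenant_id; assumed
    here to be service-created, so it is listed for manual review instead.
    """
    router_owner = {r["id"]: r["tenant_id"] for r in routers}
    cross_plugged, unowned = [], []
    for port in ports:
        owner = router_owner.get(port.get("device_id"))
        if owner is None:
            continue  # device_id is not a known router
        finding = {"port_id": port["id"], "port_tenant": port.get("tenant_id"),
                   "router_id": port["device_id"], "router_tenant": owner,
                   "network_id": port.get("network_id")}
        if not port.get("tenant_id"):
            unowned.append(finding)
        elif port["tenant_id"] != owner:
            cross_plugged.append(finding)
    return cross_plugged, unowned


if __name__ == "__main__":
    crossed, review = audit_router_ports(json.loads(ROUTERS_JSON),
                                         json.loads(PORTS_JSON))
    for f in crossed:
        print("CROSS-PLUGGED", json.dumps(f, sort_keys=True))
    for f in review:
        print("REVIEW", json.dumps(f, sort_keys=True))
```

Each cross-plugged finding names the port to remove and the network it joined to the router, which helps when checking what the other tenant could reach.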