CVE-2014-6414 | Vulnerability Database | Aqua Security

OpenStack Neutron before 2014.2.4 and 2014.1 before 2014.1.2 allows remote authenticated users to set admin network attributes to default values via unspecified vectors.

Affected Software

Name	Vendor	Start Version	End Version
Neutron	Openstack	2013.2 (including)	2013.2.4 (including)
Neutron	Openstack	2014.1 (including)	2014.1.2 (excluding)
Neutron	Openstack	2014.2 (including)	2014.2.4 (including)
OpenStack 4 for RHEL 6	RedHat	openstack-neutron-0:2013.2.4-5.el6ost	*
Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6	RedHat	openstack-neutron-0:2014.1.3-8.el6ost	*
Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6	RedHat	python-neutronclient-0:2.3.4-3.el6ost	*
Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7	RedHat	openstack-neutron-0:2014.1.3-7.el7ost	*
Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7	RedHat	python-neutronclient-0:2.3.4-3.el7ost	*
Neutron	Ubuntu	trusty	*
Neutron	Ubuntu	upstream	*

References

http://rhn.redhat.com/errata/RHSA-2014-1686.html
http://rhn.redhat.com/errata/RHSA-2014-1785.html
http://rhn.redhat.com/errata/RHSA-2014-1786.html
http://secunia.com/advisories/62299
http://www.openwall.com/lists/oss-security/2014/09/15/5
http://www.ubuntu.com/usn/USN-2408-1
https://bugs.launchpad.net/neutron/+bug/1357379

NVD	https://nvd.nist.gov/vuln/detail/CVE-2014-6414
CWE	https://cwe.mitre.org/data/definitions/264.html