Unrated severityNVD Advisory· Published Apr 28, 2014· Updated May 6, 2026

CVE-2014-0187

Description

The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied.

Affected products

OpenStack/Neutron11 versions
cpe:2.3:a:openstack:neutron:2013.1:*:*:*:*:*:*:*+ 10 more
- cpe:2.3:a:openstack:neutron:2013.1:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:neutron:2013.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:neutron:2013.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:neutron:2013.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:neutron:2013.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:neutron:2013.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:neutron:2013.2:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:neutron:2013.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:neutron:2013.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:neutron:2013.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*
Canonical (company)/Ubuntu Linux2 versions
cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
OpenSUSE/openSUSE
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000