Critical severity9.1NVD Advisory· Published Jun 17, 2016· Updated May 6, 2026

CVE-2015-8914

Description

The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
neutronPyPI	< 7.0.5	7.0.5
neutronPyPI	>= 8.0.0, < 8.1.1	8.1.1

Affected products

OpenStack/Neutron
cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
Range: >=7.0.0,<7.0.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

bugs.launchpad.net/neutron/+bug/1502933nvdExploitThird Party AdvisoryWEB
www.openwall.com/lists/oss-security/2016/06/10/5nvdMailing ListThird Party AdvisoryWEB
www.openwall.com/lists/oss-security/2016/06/10/6nvdMailing ListThird Party AdvisoryWEB
access.redhat.com/errata/RHSA-2016:1473nvdThird Party AdvisoryWEB
access.redhat.com/errata/RHSA-2016:1474nvdThird Party AdvisoryWEB
github.com/advisories/GHSA-3vj4-cvjp-482hghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2015-8914ghsaADVISORY
review.openstack.orgnvdThird Party Advisory
review.openstack.orgnvdThird Party Advisory
review.openstack.orgnvdThird Party Advisory
security.openstack.org/ossa/OSSA-2016-009.htmlnvdVendor AdvisoryWEB
review.openstack.orgghsaWEB
review.openstack.orgghsaWEB
review.openstack.orgghsaWEB

News mentions

No linked articles in our index yet.

cvss	0.591
epss	0.005
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000