CVE-2014-0592 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2014-0592 Interim 1 6 2023-12-08T02:30:18Z current 2021-05-30T13:18:28Z 2023-12-08T02:30:18Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2014-0592 Barclamp (aka barclamp-network) 1.7 for the Crowbar Framework, as used in SUSE Cloud 3, does not enable netfilter on bridges when creating new instances, which allows remote attackers to bypass security group restrictions via unspecified vectors, related to floating IPs. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2014-March/000767.html E-Mail link for SUSE-SU-2014:0452-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE OpenStack Cloud 3.0 crowbar-barclamp-network-1.7+git.1392820032.ebfa91f-0.7.2 crowbar-barclamp-network-1.7+git.1392820032.ebfa91f-0.7.2 as a component of SUSE OpenStack Cloud 3.0 Barclamp (aka barclamp-network) 1.7 for the Crowbar Framework, as used in SUSE Cloud 3, does not enable netfilter on bridges when creating new instances, which allows remote attackers to bypass security group restrictions via unspecified vectors, related to floating IPs. CVE-2014-0592 SUSE OpenStack Cloud 3.0:crowbar-barclamp-network-1.7+git.1392820032.ebfa91f-0.7.2 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P