{"containers": {"cna": {"affected": [{"product": "openstack-neutron", "vendor": "Red Hat", "versions": [{"status": "affected", "version": "openstack-neutron-10.0.2-1.1"}, {"status": "affected", "version": "openstack-neutron-8.3.0-11.1"}, {"status": "affected", "version": "openstack-neutron-9.3.1-2.1"}, {"status": "affected", "version": "openstack-neutron-7.2.0-12.1"}]}], "datePublic": "2017-07-21T00:00:00", "descriptions": [{"lang": "en", "value": "A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources."}], "metrics": [{"cvssV3_0": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-362", "description": "CWE-362", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2018-07-27T09:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7543"}, {"name": "RHSA-2017:2447", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2447"}, {"name": "RHSA-2017:2451", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2451"}, {"name": "RHSA-2017:2450", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2450"}, {"name": "RHSA-2017:2448", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2448"}, {"name": "100237", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/100237"}, {"name": "RHSA-2017:2452", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2452"}, {"name": "RHSA-2017:2449", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2449"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T16:04:11.998Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7543"}, {"name": "RHSA-2017:2447", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2447"}, {"name": "RHSA-2017:2451", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2451"}, {"name": "RHSA-2017:2450", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2450"}, {"name": "RHSA-2017:2448", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2448"}, {"name": "100237", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/100237"}, {"name": "RHSA-2017:2452", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2452"}, {"name": "RHSA-2017:2449", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2449"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2017-7543", "datePublished": "2018-07-26T14:00:00", "dateReserved": "2017-04-05T00:00:00", "dateUpdated": "2024-08-05T16:04:11.998Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*", "matchCriteriaId": "535B14F3-B477-4410-82A7-4B05601B99EC", "versionEndExcluding": "7.2.0-12.1", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*", "matchCriteriaId": "0743F5FE-B914-4C56-BBEA-421DBF312226", "versionEndExcluding": "8.3.0-11.1", "versionStartIncluding": "8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*", "matchCriteriaId": "888D9FEF-5818-42A8-B419-0338CAA7437D", "versionEndExcluding": "9.3.1-2.1", "versionStartIncluding": "9.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*", "matchCriteriaId": "8BF58FC3-DFD1-4620-82D2-6FD1441FCD24", "versionEndExcluding": "10.0.2-1.1", "versionStartIncluding": "10.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "31EC146C-A6F6-4C0D-AF87-685286262DAA", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "9DAA72A4-AC7D-4544-89D4-5B07961D5A95", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*", "matchCriteriaId": "E8B8C725-34CF-4340-BE7B-37E58CF706D6", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*", "matchCriteriaId": "F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", "matchCriteriaId": "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*", "matchCriteriaId": "4E9AF77C-5D49-4842-9817-AD710A919073", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources."}, {"lang": "es", "value": "Se ha descubierto una condici\u00f3n de carrera en openstack-neutron en versiones anteriores a la 7.2.0-12.1, 8.x anteriores a la 8.3.0-11.1, 9.x anteriores a la 9.3.1-2.1 y 10.x anteriores a la 10.0.2-1.1, cuando, siguiendo a una actualizaci\u00f3n overcloud menor, los grupos de seguridad neutron estaban deshabilitados. De manera espec\u00edfica, lo siguiente se ha reiniciado a 0: net.bridge.bridge-nf-call-ip6tables y net.bridge.bridge-nf-call-iptables. La carrera solo se desencaden\u00f3 con una actualizaci\u00f3n, en cuyo momento un atacante pod\u00eda acceder a las m\u00e1quinas virtuales de los inquilinos y a los recursos de red expuestos."}], "id": "CVE-2017-7543", "lastModified": "2023-02-12T23:30:50.897", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2018-07-26T14:29:00.483", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/100237"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2447"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2448"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2449"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2450"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2451"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2452"}, {"source": "secalert@redhat.com", "tags": ["Mitigation", "Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7543"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "secalert@redhat.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{"acknowledgement": "This issue was discovered by Paul Needle (Red Hat).", "affected_release": [{"advisory": "RHSA-2017:2452", "cpe": "cpe:/a:redhat:openstack:6::el7", "package": "openstack-neutron-0:2014.2.3-42.el7ost", "product_name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7", "release_date": "2017-08-08T00:00:00Z"}, {"advisory": "RHSA-2017:2450", "cpe": "cpe:/a:redhat:openstack:7::el7", "package": "openstack-neutron-0:2015.1.4-16.1.el7ost", "product_name": "Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7", "release_date": "2017-08-08T00:00:00Z"}, {"advisory": "RHSA-2017:2448", "cpe": "cpe:/a:redhat:openstack:10::el7", "package": "openstack-neutron-1:9.3.1-2.1.el7ost", "product_name": "Red Hat OpenStack Platform 10.0 (Newton)", "release_date": "2017-08-08T00:00:00Z"}, {"advisory": "RHSA-2017:2449", "cpe": "cpe:/a:redhat:openstack:11::el7", "package": "openstack-neutron-1:10.0.2-1.1.el7ost", "product_name": "Red Hat OpenStack Platform 11.0 (Ocata)", "release_date": "2017-08-08T00:00:00Z"}, {"advisory": "RHSA-2017:2451", "cpe": "cpe:/a:redhat:openstack:8::el7", "package": "openstack-neutron-1:7.2.0-12.1.el7ost", "product_name": "Red Hat OpenStack Platform 8.0 (Liberty)", "release_date": "2017-08-08T00:00:00Z"}, {"advisory": "RHSA-2017:2447", "cpe": "cpe:/a:redhat:openstack:9::el7", "package": "openstack-neutron-1:8.3.0-11.1.el7ost", "product_name": "Red Hat OpenStack Platform 9.0 (Mitaka)", "release_date": "2017-08-08T00:00:00Z"}], "bugzilla": {"description": "openstack-neutron: iptables not active after update", "id": "1473792", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1473792"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "status": "verified"}, "cwe": "CWE-362", "details": ["A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources.", "A race-condition flaw was discovered in openstack-neutron where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources."], "mitigation": {"lang": "en:us", "value": "To determine whether your system is impacted, run:\n$ sudo sysctl net.bridge.bridge-nf-call-ip6tables \n$ sudo sysctl net.bridge.bridge-nf-call-iptables\nBoth should be set to 1\nTo reset security groups to '1':\n1. Apply the following configuration modification:\n$ sudo sed -i.back -e 's/reapply_sysctl = 0/reapply_sysctl = 1/' /etc/tuned/tuned-main.conf\n2. Ensure the modification was successful:\n$ grep reapply_sysctl /etc/tuned/tuned-main.conf\nshould be \"reapply_sysctl = 1\"\n3. Check whether tuned is running:\n$ sudo systemctl status tuned\n4. Restart tuned to apply the new configuration:\n$ sudo systemctl restart tuned\n5. Recheck your security groups and the status of 'reapply_sysctl'."}, "name": "CVE-2017-7543", "package_state": [{"cpe": "cpe:/a:redhat:openstack:12", "fix_state": "Not affected", "package_name": "openstack-neutron", "product_name": "Red Hat OpenStack Platform 12 (Pike)"}], "public_date": "2017-08-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2017-7543\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-7543"], "threat_severity": "Important"}