N/A

CVSS Score

Basic Information

CVE ID

CVE-2015-5240

GHSA ID

GHSA-hhpj-6pj7-wpx5

EPSS Score

0.2752%

CWE

CWE-362

Published

5/17/2022

Updated

5/14/2024

KEV Status

Technology

Python

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2015-5240

CVE-2015-5240: OpenStack Neutron Race condition vulnerability

Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group rules are applied.

(GitHub Advisory)

N/A

CVSS Score

Basic Information

CVE ID

CVE-2015-5240

GHSA ID

GHSA-hhpj-6pj7-wpx5

EPSS Score

0.2752%

CWE

CWE-362

Published

5/17/2022

Updated

5/14/2024

KEV Status

Technology

Python

Technical Details

CVSS Vector

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
neutron	pip	< 7.0.0	7.0.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis:

In progress

WAF Protection Rules

WAF Rule

R*** *on*ition in Op*nSt**k N*utron ***or* ****.*.* *n* ****.* ***or* ****.*.*, w**n usin* t** ML* plu*in or t** s**urity *roups *MQP *PI, *llows r*mot* *ut**nti**t** us*rs to *yp*ss IP *nti-spoo*in* *ontrols *y ***n*in* t** **vi** own*r o* * port to

Reasoning

No *n*lysis *v*il**l*

N/A

Basic Information

Concerned about an active attack path?

CVE-2015-5240: OpenStack Neutron Race condition vulnerability

N/A

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI