CVE-2021-40085
PUBLISHED
A vulnerability exists in Red Hat OpenStack. The flaw is in the Neutron component and is caused by improper input validation. By crafting special "extra_dhcp_opts" values, it is possible to manipulate the dnsmasq configuration, change parameters for tenants that share the same interface, or alter the behavior of the daemon. A remote authenticated attacker can exploit this vulnerability to cause a denial-of-service condition.
Risk Scores
- EPSS Score: 1.35% (80.4th percentile)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Juniper SRX Series 4600 | |
| Juniper | Juniper QFX Series 10000 | |
| Red Hat | Red Hat Enterprise Linux | |
| Juniper | Juniper JUNOS PTX10001-36MR | |
| Juniper | Juniper JUNOS Evolved | |
| Juniper | Juniper JUNOS Contrail Cloud | |
| Juniper | Juniper SRX Series 5000 | |
| Debian | Debian Linux | |
| Juniper | Juniper JUNOS PTX10004 | |
| Juniper | Juniper JUNOS | |
| Juniper | Juniper JUNOS Space | |
| Juniper | Juniper MX Series | |
| Juniper | Juniper JUNOS PTX10008 | |
| Juniper | Juniper JUNOS PTX10016 | |
| Juniper | Juniper SRX Series | |
| Ubuntu | Ubuntu Linux | |
Exploit Intelligence
- https://launchpad.net/bugs/1939733 (nist-nvd)
- Linux_Exploit_CVE_2021_4034.yar (github-yara)
- Linux_Exploit_CVE_2021_3156.yar (github-yara)
…and 143 more exploits
Timeline
- Aug 31, 2021 CVE Published
- Sep 1, 2021 EPSS Score
- Oct 29, 2021 EPSS Score
- Dec 26, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 22, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 21, 2022 EPSS Score
- Apr 22, 2022 PoC Published
- Aug 16, 2022 EPSS Score
- Oct 13, 2022 EPSS Score
- Dec 10, 2022 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2021/wid-sec-w-2023-1192.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1192 advisory
- https://ubuntu.com/security/notices/USN-6067-1 advisory
- https://access.redhat.com/errata/RHSA-2021:3481 advisory
- https://access.redhat.com/errata/RHSA-2021:3502 advisory
- https://access.redhat.com/errata/RHSA-2021:3503 advisory
- https://access.redhat.com/errata/RHSA-2021:3488 advisory
- https://lists.debian.org/debian-lts-announce/2021/10/msg00005.html advisory
- https://lists.debian.org/debian-lts-announce/2022/05/msg00038.html advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1737.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1737 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71656 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71659 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71653 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71650 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71660 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71655 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71647 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71643 advisory
- https://kb.juniper.net/InfoCenter/index?page=content&id=JSA71642 advisory
…and 8 more