cvedb.io
CVE-2017-5936
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2017-04-12T22:59:00.740 · Last modified 2026-06-17T01:21:28.153

Summary

OpenStack Nova-LXD before 13.1.1 uses the wrong name for the veth pairs when applying Neutron security group rules for instances, which allows remote attackers to bypass intended security restrictions.

Affected products

canonical — ubuntu_linux

Does this affect you?

Add your gear to cvedb and we'll alert you only when canonical ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.