Skip to main content

Openvswitch CVE-2012-3449

LOW
Permissions, Privileges, and Access Controls (CWE-264)
2012-08-07 secalert@redhat.com
3.6
CVSS 2.0 · NVD

Severity by source

NVD PRIMARY
3.6 LOW
AV:L/AC:L/Au:N/C:N/I:P/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:L/AC:L/Au:N/C:N/I:P/A:P
Attack Vector
Local
Attack Complexity
Low
Confidentiality
None
Integrity
P
Availability
P

Lifecycle Timeline

1
CVE Published
Aug 07, 2012 - 20:55 cve.org
LOW 3.6

DescriptionCVE.org

Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and overwrite arbitrary files.

AnalysisAI

Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and. Rated low severity (CVSS 3.6), this vulnerability is low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-264. Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and overwrite arbitrary files. Affected products include: Openvswitch.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2018-17205 HIGH POC
7.5 Sep 19

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c.

CVE-2016-2074 CRITICAL
9.8 Jul 03

Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows

CVE-2017-9214 CRITICAL
9.8 May 23

In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-r

CVE-2017-9265 CRITICAL
9.8 May 29

In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the con

CVE-2017-9264 CRITICAL
9.8 May 29

In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) 2.6.1, there is a buffer over-read while parsing

CVE-2016-10377 HIGH
8.8 May 29

In Open vSwitch (OvS) 2.5.0, a malformed IP packet can cause the switch to read past the end of the packet buffer due to

CVE-2024-22563 HIGH
7.5 Jan 19

openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c.

CVE-2017-9263 MEDIUM
6.5 May 29

In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort() function for

CVE-2022-0669 MEDIUM
6.5 Aug 29

A flaw was found in dpdk. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. This Uncontroll

CVE-2017-14970 MEDIUM
5.9 Oct 02

In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there are multiple memory leaks while parsing malformed OpenFlow g

CVE-2023-5366 MEDIUM
5.5 Oct 06

A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass Op

CVE-2021-36980 MEDIUM
5.5 Jul 20

Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_

Share

CVE-2012-3449 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy