CVE-2014-3703 Information

Description

OpenStack PackStack 2012.2.1 when the Open vSwitch (OVS) monolithic plug-in is not used does not properly set the libvirt_vif_driver configuration option when generating the nova.conf configuration which causes the firewall to be disabled and allows remote attackers to bypass intended access restrictions.

Reference

http://rhn.redhat.com/errata/RHSA-2014-1691.html