Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-10885

Опубликовано: 04 июл. 2018
Источник: redhat
CVSS3: 6.5

Описание

In atomic-openshift before version 3.10.9 a malicious network-policy configuration can cause Openshift Routing to crash when using ovs-networkpolicy plugin. An attacker can use this flaw to cause a Denial of Service (DoS) attack on an Openshift 3.9, or 3.7 Cluster.

A malicious network-policy configuration can cause Openshift Routing to crash when using ovs-networkpolicy plugin. An attacker can use this flaw to cause a Denial of Service (DoS) attack on an Openshift 3.7 or 3.9 Cluster.

Меры по смягчению последствий

Use an alternative plugin such as ovs-subnet, or ovs-multitentant if delivering a multitentant service.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat OpenShift Enterprise 3atomic-openshiftAffected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-20
https://bugzilla.redhat.com/show_bug.cgi?id=1597090atomic-openshift: Malicious network-policy can cause Openshift Routing DoS when using ovs-networkpolicy plugin

6.5 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2018-10885

CVSS3: 6.5
nvd
больше 7 лет назад

In atomic-openshift before version 3.10.9 a malicious network-policy configuration can cause Openshift Routing to crash when using ovs-networkpolicy plugin. An attacker can use this flaw to cause a Denial of Service (DoS) attack on an Openshift 3.9, or 3.7 Cluster.

github логотип

GHSA-66vh-fjrh-f335

CVSS3: 7.5
github
больше 3 лет назад

In atomic-openshift before version 3.10.9 a malicious network-policy configuration can cause Openshift Routing to crash when using ovs-networkpolicy plugin. An attacker can use this flaw to cause a Denial of Service (DoS) attack on an Openshift 3.9, or 3.7 Cluster.

6.5 Medium

CVSS3