Описание
A vulnerability was found in OVN Kubernetes in versions up to and including 0.3.0 where the Egress Firewall does not reliably apply firewall rules when there is multiple DNS rules. It could lead to potentially lose of confidentiality, integrity or availability of a service.
A vulnerability was found in OVN Kubernetes where the Egress Firewall does not reliably apply firewall rules when there is multiple dns rules.
It could lead to potentially lose of confidentiality, integrity or availability of a service.
Отчет
In OpenShift Container Platform 4 the default Container Network Interface (CNI) network provider plug-in is OpenShift SDN, and it's not affected by this flaw. Only the OVN-Kubernetes CNI network provider is affected.
Дополнительная информация
Статус:
EPSS
5.6 Medium
CVSS3
Связанные уязвимости
A vulnerability was found in OVN Kubernetes in versions up to and including 0.3.0 where the Egress Firewall does not reliably apply firewall rules when there is multiple DNS rules. It could lead to potentially lose of confidentiality, integrity or availability of a service.
EPSS
5.6 Medium
CVSS3