CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0CVE-2022-0567 – ovn-kubernetes: Ingress network policy can be overruled by egress network policy on another pod
https://notcve.org/view.php?id=CVE-2022-0567
11 Apr 2022 — A flaw was found in ovn-kubernetes. This flaw allows a system administrator or privileged attacker to create an egress network policy that bypasses existing ingress policies of other pods in a cluster, allowing network traffic to access pods that should not be reachable. This issue results in information disclosure and other attacks on other pods that should not be reachable. Se ha encontrado un fallo en ovn-kubernetes. Este fallo permite a un administrador del sistema o a un atacante con privilegios crear ... • https://bugzilla.redhat.com/show_bug.cgi?id=2053326 • CWE-20: Improper Input Validation CWE-179: Incorrect Behavior Order: Early Validation •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-3499
https://notcve.org/view.php?id=CVE-2021-3499
02 Jun 2021 — A vulnerability was found in OVN Kubernetes in versions up to and including 0.3.0 where the Egress Firewall does not reliably apply firewall rules when there is multiple DNS rules. It could lead to potentially lose of confidentiality, integrity or availability of a service. Se ha encontrado una vulnerabilidad en OVN Kubernetes en las versiones hasta 0.3.0 incluyéndola, en la que Egress Firewall no aplica de forma fiable las reglas del firewall cuando se presentan múltiples reglas DNS. Esto podría conllevar ... • https://bugzilla.redhat.com/show_bug.cgi?id=1949188 • CWE-863: Incorrect Authorization •