CVE-2021-3499

Related Vulnerabilities: CVE-2021-3499  

Description

A vulnerability was found in OVN Kubernetes where the Egress Firewall does not reliably apply firewall rules when there are multiple DNS rules. It could potentially lead to loss of confidentiality, integrity or availability of a service.

Statement

In OpenShift Container Platform 4 the default Container Network Interface (CNI) network provider plug-in is OpenShift SDN, and it's not affected by this flaw. Only the OVN-Kubernetes CNI network provider is affected.
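
To find which namespaces are exposed to the condition described above, the following added example (not part of the original advisory or of the OVN-Kubernetes project's code) lists EgressFirewall objects that carry more than one DNS rule on a cluster using the affected CNI. Assumptions: the input is JSON in the shape of `oc get egressfirewall -A -o json`, a "DNS rule" is an egress entry with `to.dnsName`, the cluster network type is passed in as `OVNKubernetes` or `OpenShiftSDN`, and the sample data and the function names `dns_rules` and `audit` are constructed for illustration.

```python
import json

# Constructed sample, shaped like `oc get egressfirewall -A -o json` output.
SAMPLE = json.dumps({"items": [
    {"metadata": {"namespace": "payments", "name": "default"},
     "spec": {"egress": [
         {"type": "Allow", "to": {"dnsName": "api.example.com"}},
         {"type": "Allow", "to": {"dnsName": "db.example.net"}},
         {"type": "Deny", "to": {"cidrSelector": "0.0.0.0/0"}}]}},
    {"metadata": {"namespace": "web", "name": "default"},
     "spec": {"egress": [
         {"type": "Allow", "to": {"dnsName": "cdn.example.org"}},
         {"type": "Deny", "to": {"cidrSelector": "0.0.0.0/0"}}]}},
    {"metadata": {"namespace": "batch", "name": "default"},
     "spec": {"egress": [
         {"type": "Deny", "to": {"cidrSelector": "10.0.0.0/8"}}]}},
]})


def dns_rules(firewall):
    """Return (type, dnsName) for every egress rule that matches on a DNS name."""
    rules = (firewall.get("spec") or {}).get("egress") or []
    return [(r.get("type", "?"), r["to"]["dnsName"])
            for r in rules
            if isinstance(r.get("to"), dict) and r["to"].get("dnsName")]


def audit(doc_text, network_type="OVNKubernetes"):
    """List EgressFirewalls with more than one DNS rule on the affected CNI."""
    if network_type != "OVNKubernetes":  # per the Statement, OpenShift SDN is not affected
        return []
    doc = json.loads(doc_text)
    items = doc["items"] if "items" in doc else [doc]  # List object or single object
    findings = []
    for fw in items:
        hits = dns_rules(fw)
        if len(hits) > 1:  # the advisory's "multiple DNS rules" condition
            meta = fw.get("metadata") or {}
            findings.append({"namespace": meta.get("namespace"), "name": meta.get("name"),
                             "dns_rules": hits})
    return sorted(findings, key=lambda f: f["namespace"] or "")


if __name__ == "__main__":
    for f in audit(SAMPLE):
        print(f"{f['namespace']}/{f['name']}: {len(f['dns_rules'])} DNS rules {f['dns_rules']}")
```

Namespaces it reports are the ones whose egress policy should be verified against actual traffic until the cluster runs a fixed OVN-Kubernetes build.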

Additional Information

  • Bugzilla 1949188: CVE-2021-3499 openshift/ovn-kubernetes: Egress Firewall does not reliably apply firewall rules
  • CWE-863: Incorrect Authorization
  • FAQ: Frequently asked questions about CVE-2021-3499