CVE-2022-0567

State: PUBLISHED · Published: 2022-04-20 · Updated: 2024-08-02 · Assigner: redhat

Description

A flaw was found in ovn-kubernetes. This flaw allows a system administrator or privileged attacker to create an egress network policy that bypasses existing ingress policies of other pods in a cluster, allowing network traffic to access pods that should not be reachable. This issue results in information disclosure and other attacks on other pods that should not be reachable.

CWE

CWE-20 — CWE-20

Affected

n/a / ovn-kubernetes — v=OCP v 4.10.8 [affected]

CVSS

(none)

References

https://bugzilla.redhat.com/show_bug.cgi?id=2053326 x_refsource_MISC

Source

cvelistV5-main/cves/2022/0xxx/CVE-2022-0567.json