Vulnerability Details CVE-2022-0567
A flaw was found in ovn-kubernetes. This flaw allows a system administrator or privileged attacker to create an egress network policy that bypasses existing ingress policies of other pods in a cluster, allowing network traffic to access pods that should not be reachable. This issue results in information disclosure and other attacks on other pods that should not be reachable.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.2%
CVSS Severity
CVSS v3 Score 9.1
CVSS v2 Score 6.5
References
Products affected by CVE-2022-0567
-
cpe:2.3:a:ovn:ovn-kubernetes:-
-
cpe:2.3:a:ovn:ovn-kubernetes:0.1.0
-
cpe:2.3:a:ovn:ovn-kubernetes:0.2.0
-
cpe:2.3:a:ovn:ovn-kubernetes:0.3.0
-
cpe:2.3:a:ovn:ovn-kubernetes:0.3.11
-
cpe:2.3:a:ovn:ovn-kubernetes:4.10.0
-
cpe:2.3:a:ovn:ovn-kubernetes:4.8.0
-
cpe:2.3:a:ovn:ovn-kubernetes:4.9.0