Vulnerability Details CVE-2023-3153
A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 21.8%
CVSS Severity
CVSS v3 Score 5.3
References
- https://access.redhat.com/security/cve/CVE-2023-3153
- https://bugzilla.redhat.com/show_bug.cgi?id=2213279
- https://github.com/ovn-org/ovn/commit/9a3f7ed905e525ebdcb14541e775211cbb0203bd
- https://github.com/ovn-org/ovn/issues/198
- https://mail.openvswitch.org/pipermail/ovs-announce/2023-August/000327.html
- https://mail.openvswitch.org/pipermail/ovs-dev/2023-August/407553.html
- https://access.redhat.com/security/cve/CVE-2023-3153
- https://bugzilla.redhat.com/show_bug.cgi?id=2213279
- https://github.com/ovn-org/ovn/commit/9a3f7ed905e525ebdcb14541e775211cbb0203bd
- https://github.com/ovn-org/ovn/issues/198
- https://mail.openvswitch.org/pipermail/ovs-announce/2023-August/000327.html
- https://mail.openvswitch.org/pipermail/ovs-dev/2023-August/407553.html
Products affected by CVE-2023-3153
-
cpe:2.3:a:ovn:open_virtual_network:-
-
cpe:2.3:a:ovn:open_virtual_network:20.03.0
-
cpe:2.3:a:ovn:open_virtual_network:20.03.1
-
cpe:2.3:a:ovn:open_virtual_network:20.03.2
-
cpe:2.3:a:ovn:open_virtual_network:20.06.0
-
cpe:2.3:a:ovn:open_virtual_network:20.06.1
-
cpe:2.3:a:ovn:open_virtual_network:20.06.2
-
cpe:2.3:a:ovn:open_virtual_network:20.06.3
-
cpe:2.3:a:ovn:open_virtual_network:20.09.0
-
cpe:2.3:a:ovn:open_virtual_network:20.12.0
-
cpe:2.3:a:ovn:open_virtual_network:21.03.0
-
cpe:2.3:a:ovn:open_virtual_network:21.06.0
-
cpe:2.3:a:ovn:open_virtual_network:21.09.0
-
cpe:2.3:a:ovn:open_virtual_network:21.09.1
-
cpe:2.3:a:ovn:open_virtual_network:21.12.0
-
cpe:2.3:a:ovn:open_virtual_network:21.12.1
-
cpe:2.3:a:ovn:open_virtual_network:21.12.2
-
cpe:2.3:a:ovn:open_virtual_network:22.03.0
-
cpe:2.3:a:ovn:open_virtual_network:22.03.1
-
cpe:2.3:a:ovn:open_virtual_network:22.03.2
-
cpe:2.3:a:ovn:open_virtual_network:22.03.4
-
cpe:2.3:a:ovn:open_virtual_network:22.06.0
-
cpe:2.3:a:ovn:open_virtual_network:22.06.1
-
cpe:2.3:a:ovn:open_virtual_network:22.09.0
-
cpe:2.3:a:ovn:open_virtual_network:22.09.1
-
cpe:2.3:a:ovn:open_virtual_network:22.09.3
-
cpe:2.3:a:ovn:open_virtual_network:22.12.0
-
cpe:2.3:a:ovn:open_virtual_network:22.12.2
-
cpe:2.3:a:ovn:open_virtual_network:23.03.0
-
cpe:2.3:a:ovn:open_virtual_network:23.03.2
-
cpe:2.3:a:ovn:open_virtual_network:23.06.0
-
cpe:2.3:a:redhat:fast_datapath:-
-
cpe:2.3:a:redhat:openshift_container_platform:4.0
-
cpe:2.3:o:redhat:enterprise_linux:9.0