Multiple DNS Rules in OVN Kubernetes Egress Firewall Vulnerability

Multiple DNS Rules in OVN Kubernetes Egress Firewall Vulnerability

CVE-2021-3499 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

A vulnerability was found in OVN Kubernetes in versions up to and including 0.3.0 where the Egress Firewall does not reliably apply firewall rules when there is multiple DNS rules. It could lead to potentially lose of confidentiality, integrity or availability of a service.

Learn more about our Cis Benchmark Audit For Kubernetes.