30 matches found
CVE-2021-3586
A flaw was found in servicemesh-operator. The NetworkPolicy resources installed for Maistra do not properly specify which ports may be accessed, allowing access to all ports on these resources from any pod. The highest threat from this vulnerability is to data confidentiality and integrity as wel...
Design/Logic Flaw
A flaw was found in servicemesh-operator. The NetworkPolicy resources installed for Maistra do not properly specify which ports may be accessed, allowing access to all ports on these resources from any pod. The highest threat from this vulnerability is to data confidentiality and integrity as wel...
CVE-2021-3586
A flaw was found in servicemesh-operator. The NetworkPolicy resources installed for Maistra do not properly specify which ports may be accessed, allowing access to all ports on these resources from any pod. The highest threat from this vulnerability is to data confidentiality and integrity as wel...
CVE-2021-3586
CVE-2021-3586 concerns Red Hat OpenShift Service Mesh (servicemesh-operator). The issue is that NetworkPolicy resources for Maistra do not properly specify ingress ports, potentially allowing access to all ports from any pod, which can impact confidentiality, integrity, and availability. The vuln...
Privilege Escalation
servicemesh-operator is vulnerable to privilege escalation. The NetworkPolicy resources installed for Maistra do not properly specify which ports may be accessed, allowing access to all ports on these resources from any pod...
servicemesh-operator: NetworkPolicy resources incorrectly specify ports for ingress resources
A flaw was found in servicemesh-operator. The NetworkPolicy resources installed for Maistra do not properly specify which ports may be accessed, allowing access to all ports on these resources from any pod. The highest threat from this vulnerability is to data confidentiality and integrity as wel...
CVE-2021-3586
A flaw was found in servicemesh-operator. The NetworkPolicy resources installed for Maistra do not properly specify which ports may be accessed, allowing access to all ports on these resources from any pod. The highest threat from this vulnerability is to data confidentiality and integrity as wel...
CVE-2018-10885
In atomic-openshift before version 3.10.9 a malicious network-policy configuration can cause Openshift Routing to crash when using ovs-networkpolicy plugin. An attacker can use this flaw to cause a Denial of Service DoS attack on an Openshift 3.9, or 3.7 Cluster...
CVE-2018-10885
In atomic-openshift before version 3.10.9 a malicious network-policy configuration can cause Openshift Routing to crash when using ovs-networkpolicy plugin. An attacker can use this flaw to cause a Denial of Service DoS attack on an Openshift 3.9, or 3.7 Cluster...
CVE-2018-10885
A malicious network-policy configuration can cause Openshift Routing to crash when using ovs-networkpolicy plugin. An attacker can use this flaw to cause a Denial of Service DoS attack on an Openshift 3.7 or 3.9 Cluster. Mitigation Use an alternative plugin such as ovs-subnet, or ovs-multitentant...