Main Vulnerability Database Vulnerabilities #VU62076

#VU62076 Security features bypass in Red Hat OpenShift Container Platform - CVE-2022-0567

Published: April 12, 2022

Vulnerability identifier: #VU62076

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2022-0567

CWE-ID: CWE-254

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Red Hat OpenShift Container Platform

Software vendor:
Red Hat Inc.

Description

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists in ovn-kubernetes on a Kubernetes or OpenShift cluster. A local privileged user can create an egress network policy that bypasses existing an ingress policy, which allows network traffic to access pods that should not be reachable.

Remediation

Install updates from vendor's website.

External links

https://access.redhat.com/errata/RHSA-2022:1162
https://access.redhat.com/errata/RHSA-2022:1158
https://access.redhat.com/errata/RHSA-2022:1166
https://access.redhat.com/errata/RHSA-2022:1154
https://bugzilla.redhat.com/show_bug.cgi?id=2053326