mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 17:21:36 +00:00
217 lines
6.3 KiB
JSON
217 lines
6.3 KiB
JSON
{
|
|
"id": "CVE-2023-3153",
|
|
"sourceIdentifier": "secalert@redhat.com",
|
|
"published": "2023-10-04T12:15:10.503",
|
|
"lastModified": "2023-11-07T04:18:03.807",
|
|
"vulnStatus": "Modified",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Se encontr\u00f3 una falla en Open Virtual Network donde el monitor de servicio MAC no califica correctamente el l\u00edmite. Este problema podr\u00eda permitir que un atacante provoque una denegaci\u00f3n de servicio, incluso en implementaciones con CoPP habilitado y configurado correctamente."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "LOW",
|
|
"baseScore": 5.3,
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 1.4
|
|
},
|
|
{
|
|
"source": "secalert@redhat.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "NONE",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "LOW",
|
|
"baseScore": 5.3,
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 1.4
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-770"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"source": "secalert@redhat.com",
|
|
"type": "Secondary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-400"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ovn:open_virtual_network:*:*:*:*:*:*:*:*",
|
|
"versionEndExcluding": "22.03.3",
|
|
"matchCriteriaId": "5CA7DFF4-C739-4EE8-AC5D-6EC06E387309"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ovn:open_virtual_network:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "22.03.4",
|
|
"versionEndExcluding": "22.09.2",
|
|
"matchCriteriaId": "66B2BA9A-04F3-4E63-B367-E7AE5AD04FB1"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ovn:open_virtual_network:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "22.09.3",
|
|
"versionEndExcluding": "22.12.1",
|
|
"matchCriteriaId": "393B5A8F-01A6-48E3-9D04-E9F5EDDCA555"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ovn:open_virtual_network:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "22.12.2",
|
|
"versionEndExcluding": "23.03.1",
|
|
"matchCriteriaId": "20978238-A456-4B17-B7AD-DC006C6B16A2"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:ovn:open_virtual_network:*:*:*:*:*:*:*:*",
|
|
"versionStartIncluding": "23.03.2",
|
|
"versionEndExcluding": "23.06.1",
|
|
"matchCriteriaId": "D7AF4A0C-4E74-4721-96E0-E5A400B9AF58"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "AND",
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:redhat:fast_datapath:-:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0A63D05D-BFAF-484B-BA49-5F5E399CDA02"
|
|
}
|
|
]
|
|
},
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": false,
|
|
"criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://access.redhat.com/security/cve/CVE-2023-3153",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213279",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Issue Tracking"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://github.com/ovn-org/ovn/commit/9a3f7ed905e525ebdcb14541e775211cbb0203bd",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://github.com/ovn-org/ovn/issues/198",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Issue Tracking"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://mail.openvswitch.org/pipermail/ovs-announce/2023-August/000327.html",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Mitigation",
|
|
"Patch"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://mail.openvswitch.org/pipermail/ovs-dev/2023-August/407553.html",
|
|
"source": "secalert@redhat.com",
|
|
"tags": [
|
|
"Patch"
|
|
]
|
|
}
|
|
]
|
|
} |