CVE-2021-3499 - AskarLabs CVE Database

CVE-2021-3499

Vendor N/A

Product openshift/ovn-kubernetes

Weakness CWE-863 · Incorrect authorization

Published June 2, 2021

Last update August 3, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

A vulnerability was found in OVN Kubernetes in versions up to and including 0.3.0 where the Egress Firewall does not reliably apply firewall rules when there is multiple DNS rules. It could lead to potentially lose of confidentiality, integrity or availability of a service.

Key dates

02Disclosure timeline

June 2, 2021 CVE published

August 3, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2021-3499 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/863.html

Related vulnerabilities

04Related CVE

CVE-2026-2725 Improper Authorization in Gerrit allowing Code Review Bypass via "Submitted Together" CVE-2026-27112 Kargo has an Authorization Bypass Vulnerability in Batch Resource Creation API Endpoints CVE-2023-52077 External apps using tokens issued by administrators and moderators can call admin APIs CVE-2025-24437 Adobe Commerce | Incorrect Authorization (CWE-863) CVE-2024-10273 Improper Privilege Management in lunary-ai/lunary