FKIE_CVE-2023-3153

Vulnerability from fkie_nvd - Published: 2023-10-04 12:15 - Updated: 2024-11-21 08:16
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured.
References
secalert@redhat.comhttps://access.redhat.com/security/cve/CVE-2023-3153Third Party Advisory
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=2213279Issue Tracking
secalert@redhat.comhttps://github.com/ovn-org/ovn/commit/9a3f7ed905e525ebdcb14541e775211cbb0203bdPatch
secalert@redhat.comhttps://github.com/ovn-org/ovn/issues/198Issue Tracking
secalert@redhat.comhttps://mail.openvswitch.org/pipermail/ovs-announce/2023-August/000327.htmlMitigation, Patch
secalert@redhat.comhttps://mail.openvswitch.org/pipermail/ovs-dev/2023-August/407553.htmlPatch
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/security/cve/CVE-2023-3153Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=2213279Issue Tracking
af854a3a-2127-422b-91ae-364da2661108https://github.com/ovn-org/ovn/commit/9a3f7ed905e525ebdcb14541e775211cbb0203bdPatch
af854a3a-2127-422b-91ae-364da2661108https://github.com/ovn-org/ovn/issues/198Issue Tracking
af854a3a-2127-422b-91ae-364da2661108https://mail.openvswitch.org/pipermail/ovs-announce/2023-August/000327.htmlMitigation, Patch
af854a3a-2127-422b-91ae-364da2661108https://mail.openvswitch.org/pipermail/ovs-dev/2023-August/407553.htmlPatch
Impacted products
Vendor Product Version
ovn open_virtual_network *
ovn open_virtual_network *
ovn open_virtual_network *
ovn open_virtual_network *
ovn open_virtual_network *
redhat openshift_container_platform 4.0
redhat fast_datapath -
redhat enterprise_linux 9.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ovn:open_virtual_network:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CA7DFF4-C739-4EE8-AC5D-6EC06E387309",
              "versionEndExcluding": "22.03.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ovn:open_virtual_network:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66B2BA9A-04F3-4E63-B367-E7AE5AD04FB1",
              "versionEndExcluding": "22.09.2",
              "versionStartIncluding": "22.03.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ovn:open_virtual_network:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "393B5A8F-01A6-48E3-9D04-E9F5EDDCA555",
              "versionEndExcluding": "22.12.1",
              "versionStartIncluding": "22.09.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ovn:open_virtual_network:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "20978238-A456-4B17-B7AD-DC006C6B16A2",
              "versionEndExcluding": "23.03.1",
              "versionStartIncluding": "22.12.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ovn:open_virtual_network:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "D7AF4A0C-4E74-4721-96E0-E5A400B9AF58",
              "versionEndExcluding": "23.06.1",
              "versionStartIncluding": "23.03.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:fast_datapath:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A63D05D-BFAF-484B-BA49-5F5E399CDA02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F6FB57C-2BC7-487C-96DD-132683AEB35D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured."
    },
    {
      "lang": "es",
      "value": "Se encontr\u00f3 una falla en Open Virtual Network donde el monitor de servicio MAC no califica correctamente el l\u00edmite. Este problema podr\u00eda permitir que un atacante provoque una denegaci\u00f3n de servicio, incluso en implementaciones con CoPP habilitado y configurado correctamente."
    }
  ],
  "id": "CVE-2023-3153",
  "lastModified": "2024-11-21T08:16:34.670",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-10-04T12:15:10.503",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/security/cve/CVE-2023-3153"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213279"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/ovn-org/ovn/commit/9a3f7ed905e525ebdcb14541e775211cbb0203bd"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/ovn-org/ovn/issues/198"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mitigation",
        "Patch"
      ],
      "url": "https://mail.openvswitch.org/pipermail/ovs-announce/2023-August/000327.html"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "https://mail.openvswitch.org/pipermail/ovs-dev/2023-August/407553.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/security/cve/CVE-2023-3153"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2213279"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/ovn-org/ovn/commit/9a3f7ed905e525ebdcb14541e775211cbb0203bd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://github.com/ovn-org/ovn/issues/198"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mitigation",
        "Patch"
      ],
      "url": "https://mail.openvswitch.org/pipermail/ovs-announce/2023-August/000327.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://mail.openvswitch.org/pipermail/ovs-dev/2023-August/407553.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-770"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.