Brian Haley

**Name of the Vulnerable Software and Affected Versions** Open Virtual Network (OVN) (affected versions not specified) **Description** A flaw was found in the Open Virtual Network (OVN) that allows specially crafted UDP packets to bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network. The OVN installation is vulnerable if a logical switch has DNS records set on it and if the same switch has any egress ACLs configured on it. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.