CVE-2023-0229

Published: 26/01/2023 Updated: 06/02/2023
CVSS v3 Base Score: 6.3 | Impact Score: 3.4 | Exploitability Score: 2.8
VMScore: 0

Vulnerability Summary

A flaw was found in github.com/openshift/apiserver-library-go, used in OpenShift 4.12 and 4.11, that can allow low-privileged users to set the seccomp profile for pods they control to "unconfined." By default, the seccomp profile used in the restricted-v2 Security Context Constraint (SCC) is "runtime/default"; the flaw allows users to disable seccomp for pods they can create and modify.

Vulnerable Product

redhat openshift 4.11

redhat openshift 4.12

Vendor Advisories

Synopsis: Moderate: OpenShift Container Platform 4.13.0 security update. Type/Severity: Security Advisory: Moderate. Topic: Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of ...
Synopsis: Important: OpenShift Container Platform 4.13.0 security update. Type/Severity: Security Advisory: Important. Topic: Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and ima ...
Description: A flaw was found in github.com/openshift/apiserver-library-go, used in OpenShift 4.12 and 4.11, that contains an issue that can allow low-privileged users to set the seccomp profile for pods they control to "unconfined." By default, the seccomp profile used in the restricted-v2 Security Context Constraint (SCC) is "runtime/default ...