Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-0296

Published: 17/01/2023 Updated: 13/02/2023
CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Redhat

Vulnerability Summary

The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health checks port (9979) on etcd grpc-proxy component. Even though the CVE-2016-2183 has been fixed in the etcd components, to enable periodic health checks from kubelet, it was necessary to open up a new port (9979) on etcd grpc-proxy, hence this port might be considered as still vulnerable to the same type of vulnerability. The health checks on etcd grpc-proxy do not contain sensitive data (only metrics data), therefore the potential impact related to this vulnerability is minimal. The CVE-2023-0296 has been assigned to this issue to track the permanent fix in the etcd component.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

redhat openshift 4.11

Vendor Advisories

Red Hat: Low: OpenShift Container Platform 4.11.24 bug and security update
Synopsis Low: OpenShift Container Platform 41124 bug and security update Type/Severity Security Advisory: Low Topic Red Hat OpenShift Container Platform release 41124 is now available withupdates to packages and images that fix several bugsRed Hat Product Security has rated this update as having a security impact of Low A Common Vulnera ...
Red Hat: Low: OpenShift Container Platform 4.10.50 bug and security update
Synopsis Low: OpenShift Container Platform 41050 bug and security update Type/Severity Security Advisory: Low Topic Red Hat OpenShift Container Platform release 41050 is now available withupdates to packages and images that fix several bugsRed Hat Product Security has rated this update as having a security impactof Low A Common Vulnerab ...
Red Hat: Critical: OpenShift Container Platform 4.9.55 security update
Synopsis Critical: OpenShift Container Platform 4955 security update Type/Severity Security Advisory: Critical Topic Red Hat OpenShift Container Platform release 4955 is now available with updates to packages and images that fix several bugs and add enhancementsRed Hat Product Security has rated this update as having a security impact of ...
Red Hat: Moderate: OpenShift Container Platform 4.12.0 bug fix and security update
Synopsis Moderate: OpenShift Container Platform 4120 bug fix and security update Type/Severity Security Advisory: Moderate Topic Red Hat OpenShift Container Platform release 4120 is now available withupdates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift Cont ...
Red Hat:
Description<!---->The Birthday attack against 64-bit block ciphers (CVE-2016-2183) was reported for the health checks port (9979) on the etcd grpc-proxy component Even though the CVE-2016-2183 has been fixed in the etcd components, to enable periodic health checks from kubelet, it was necessary to open up a new port (9979) on etcd grpc-proxy Ther ...

References

CWE-327https://bugzilla.redhat.com/show_bug.cgi?id=2161287https://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2023:0069https://access.redhat.com/security/cve/cve-2023-0296
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook