Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2023-0813

Published: 15/09/2023 Updated: 03/05/2024
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Redhat

Vulnerability Summary

A flaw was found in the Network Observability plugin for OpenShift console. Unless the Loki authToken configuration is set to FORWARD mode, authentication is no longer enforced, allowing any user who can connect to the OpenShift Console in an OpenShift cluster to retrieve flows without authentication.

Vulnerable Product Search on Vulmon Subscribe to Product

redhat network_observability 1.0

Vendor Advisories

Red Hat: Important: Network observability 1.1.0 security update
Synopsis Important: Network observability 110 security update Type/Severity Security Advisory: Important Topic Network observability 110 release for OpenShiftRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rati ...
Red Hat:
Description<!---->A flaw was found in the Network Observability plugin for OpenShift console Unless the Loki authToken configuration is set to FORWARD mode, authentication is no longer enforced, allowing any user who can connect to the OpenShift Console in an OpenShift cluster to retrieve flows without authenticationA flaw was found in the Networ ...

References

CWE-287https://bugzilla.redhat.com/show_bug.cgi?id=2169468https://access.redhat.com/security/cve/CVE-2023-0813https://access.redhat.com/errata/RHSA-2023:0786https://access.redhat.com/errata/RHSA-2023:0786https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2023-0813
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
IMAPCVE-2024-4367server-side request forgeryinformation disclosureCVE-2024-34342CVE-2024-4281CVE-2024-3507CVE-2024-25560CVE-2024-34574
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook