Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-5408

Published: 02/11/2023 Updated: 21/01/2024
CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2
VMScore: 0
Subscribe to Redhat

Vulnerability Summary

A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the cluster.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

redhat openshift container platform 4.12

redhat openshift container platform 4.11

redhat openshift container platform 4.13

redhat openshift container platform 4.14

Vendor Advisories

Red Hat: Important: OpenShift Container Platform 4.11.54 bug fix and security update
Synopsis Important: OpenShift Container Platform 41154 bug fix and security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 41154 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift ...
Red Hat: Important: OpenShift Container Platform 4.12.43 bug fix and security update
Synopsis Important: OpenShift Container Platform 41243 bug fix and security update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 41243 is now available with updates to packages and images that fix several bugs and add enhancementsThis release includes a security update for Red Hat OpenShift ...
Red Hat:
Description<!---->A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the clusterA privilege escalation flaw was ...

References

NVD-CWE-noinfohttps://access.redhat.com/errata/RHSA-2023:6130https://access.redhat.com/security/cve/CVE-2023-5408https://bugzilla.redhat.com/show_bug.cgi?id=2242173https://github.com/openshift/kubernetes/pull/1736https://access.redhat.com/errata/RHSA-2023:6842https://access.redhat.com/errata/RHSA-2023:7479https://access.redhat.com/errata/RHSA-2023:5006https://access.redhat.com/errata/RHSA-2023:7479https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2023-5408
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook