7.2

CVE-2023-5408

Openshift: modification of node role labels

A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the cluster.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.11% 0.617
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 1.2 5.9
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
secalert@redhat.com 7.2 1.2 5.9
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CWE-269 Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

https://access.redhat.com/errata/RHSA-2023:5006
Vendor Advisory
https://access.redhat.com/errata/RHSA-2023:6130
Vendor Advisory
https://access.redhat.com/errata/RHSA-2023:6842
Vendor Advisory
https://access.redhat.com/errata/RHSA-2023:7479
Vendor Advisory
https://access.redhat.com/security/cve/CVE-2023-5408
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2242173
Vendor Advisory
Issue Tracking
https://github.com/openshift/kubernetes/pull/1736
Issue Tracking