A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the cluster.
References
Link | Resource |
---|---|
https://access.redhat.com/errata/RHSA-2023:5006 | Vendor Advisory |
https://access.redhat.com/errata/RHSA-2023:6130 | Vendor Advisory |
https://access.redhat.com/errata/RHSA-2023:6842 | Vendor Advisory |
https://access.redhat.com/errata/RHSA-2023:7479 | Vendor Advisory |
https://access.redhat.com/security/cve/CVE-2023-5408 | Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2242173 | Issue Tracking Vendor Advisory |
https://github.com/openshift/kubernetes/pull/1736 | Issue Tracking |
Configurations
Configuration 1 (hide)
|
History
21 Jan 2024, 01:48
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform:4.11:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform:4.14:*:*:*:*:*:*:* |
|
References | () https://access.redhat.com/errata/RHSA-2023:7479 - Vendor Advisory | |
References | () https://access.redhat.com/errata/RHSA-2023:6842 - Vendor Advisory | |
References | () https://access.redhat.com/errata/RHSA-2023:5006 - Vendor Advisory |
30 Dec 2023, 12:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
29 Nov 2023, 06:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-11-02 03:15
Updated : 2024-02-05 00:01
NVD link : CVE-2023-5408
Mitre link : CVE-2023-5408
CVE.ORG link : CVE-2023-5408
JSON object : View
Products Affected
redhat
- openshift_container_platform
CWE