CVE-2023-5056

🗓️ 18 Dec 2023 13:43:07Reported by redhatType

A flaw in Skupper operator allows authenticated attacker to view deployments in all namespace

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2023-5056	9 Oct 202512:11	–	circl
CNNVD	Skupper skupper-operator security vulnerability	26 Oct 202300:00	–	cnnvd
Cvelist	CVE-2023-5056 Skupper-operator: privelege escalation via config map	18 Dec 202313:43	–	cvelist
EUVD	EUVD-2023-57399	3 Oct 202520:07	–	euvd
NVD	CVE-2023-5056	18 Dec 202314:15	–	nvd
OSV	CVE-2023-5056	18 Dec 202314:15	–	osv
Prion	Design/Logic Flaw	18 Dec 202314:15	–	prion
Positive Technologies	PT-2023-7534 · Unknown · Skupper Operator	18 Sep 202300:00	–	ptsecurity
RedhatCVE	CVE-2023-5056	26 Oct 202315:57	–	redhatcve
RedHat Linux	Important: Red Hat Security Advisory: Red Hat Service Interconnect security update	31 Oct 202318:03	–	redhat

NVD

Node

redhat service_interconnectMatch1.0

AND

redhat enterprise_linuxMatch9.0

[
  {
    "vendor": "Red Hat",
    "product": "Service Interconnect 1 for RHEL 9",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "service-interconnect/skupper-config-sync-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1.4.3-5",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:service_interconnect:1::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Service Interconnect 1 for RHEL 9",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "service-interconnect/skupper-flow-collector-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1.4.3-5",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:service_interconnect:1::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Service Interconnect 1 for RHEL 9",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "service-interconnect/skupper-operator-bundle",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1.4.3-6",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:service_interconnect:1::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Service Interconnect 1 for RHEL 9",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "service-interconnect/skupper-router-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "2.4.3-3",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:service_interconnect:1::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Service Interconnect 1 for RHEL 9",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "service-interconnect/skupper-service-controller-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1.4.3-4",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:service_interconnect:1::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Service Interconnect 1 for RHEL 9",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "service-interconnect/skupper-site-controller-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1.4.3-6",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:service_interconnect:1::el9"
    ]
  }
]

Source	Link
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
access	www.access.redhat.com/errata/RHSA-2023:6219
access	www.access.redhat.com/security/cve/CVE-2023-5056

20 Nov 2025 07:02Current

4.9Medium risk

Vulners AI Score4.9

CVSS 3.14.1 - 6.8

EPSS0.0005

CWE-862