CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N
EPSS
Percentile
20.6%
A flaw was found in OpenShift API, as admission checks do not enforce “custom-host” permissions. This issue could allow an attacker to violate the boundaries, as permissions will not be applied.
[
{
"product": "kubernetes",
"vendor": "n/a",
"defaultStatus": "affected"
},
{
"vendor": "Red Hat",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "rhacm2/agent-service-rhel8",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:acm:2"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Ansible Automation Platform 1.2",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kubernetes",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:ansible_automation_platform"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Ansible Tower 3",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "kubernetes",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:ansible_tower:3"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 3.11",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "atomic-openshift",
"defaultStatus": "unknown",
"cpes": [
"cpe:/a:redhat:openshift:3.11"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 4",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openshift-clients",
"defaultStatus": "affected",
"cpes": [
"cpe:/a:redhat:openshift:4"
]
}
]