Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2023-5408
HistoryNov 02, 2023 - 3:15 a.m.

CVE-2023-5408

2023-11-0203:15:10
CWE-269
[email protected]
web.nvd.nist.gov
6
cve-2023-5408
node restriction admission plugin
remote attacker
workload steering
control plane
etcd nodes
worker nodes
cluster access

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

48.6%

JSON

A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the cluster.

Affected configurations

Nvd
Node
redhatopenshift_container_platformMatch4.11
OR
redhatopenshift_container_platformMatch4.12
OR
redhatopenshift_container_platformMatch4.13
OR
redhatopenshift_container_platformMatch4.14
VendorProductVersionCPE
redhatopenshift_container_platform4.11cpe:2.3:a:redhat:openshift_container_platform:4.11:*:*:*:*:*:*:*
redhatopenshift_container_platform4.12cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:*
redhatopenshift_container_platform4.13cpe:2.3:a:redhat:openshift_container_platform:4.13:*:*:*:*:*:*:*
redhatopenshift_container_platform4.14cpe:2.3:a:redhat:openshift_container_platform:4.14:*:*:*:*:*:*:*

Related

prion 1
cbl_mariner 2
cvelist 1
nessus 1
ibm 3
cve 1
redhatcve 1
redhat 4
prion
prion
Privilege escalation
2023-11-02 03:15:00
cbl_mariner
cbl_mariner
CVE-2023-5408 affecting package kubernetes for versions less than 1.28.4-5
2024-04-10 21:48:40
CVE-2023-5408 affecting package kubernetes for versions less than 1.29.1-2
2024-03-19 17:21:46
cvelist
cvelist
CVE-2023-5408 Openshift: modification of node role labels
2023-11-02 02:55:58
nessus
nessus
CBL Mariner 2.0 Security Update: kubernetes (CVE-2023-5408)
2024-07-03 00:00:00
ibm
ibm
Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a Kubernetes API server security vulnerability (CVE-2023-5408)
2024-02-05 11:44:30
Security Bulletin: IBM Storage Fusion HCI is vulnerable to elevated privileges due to OpenShift.
2024-05-11 16:54:01
Security Bulletin: IBM Cloud Pak for Data is vulnerable due to k8s.io/kubernetes ( CVE-2023-2728, CVE-2023-2727, CVE-2023-5408, CVE-2023-3955, CVE-2023-3676 )
2024-08-08 15:28:15
cve
cve
CVE-2023-5408
2023-11-02 03:15:10
redhatcve
redhatcve
CVE-2023-5408
2023-10-04 22:31:33
redhat
redhat
(RHSA-2023:6842) Important: OpenShift Container Platform 4.12.43 bug fix and security update
2023-11-16 20:28:39
(RHSA-2023:6130) Important: OpenShift Container Platform 4.13.19 bug fix and security update
2023-10-30 13:46:25
(RHSA-2023:7479) Important: OpenShift Container Platform 4.11.54 bug fix and security update
2023-11-29 01:35:44

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

48.6%

JSON
Related for NVD:CVE-2023-5408
prion1cbl_mariner2cvelist1nessus1ibm3cve1redhatcve1redhat4