Multicluster engine for Kubernetes provides the foundational components
that are necessary for the centralized management of multiple
Kubernetes-based clusters across data centers, public clouds, and private
clouds.

You can use the engine to create new Red Hat OpenShift Container Platform
clusters or to bring existing Kubernetes-based clusters under management by
importing them. After the clusters are managed, you can use the APIs that
are provided by the engine to distribute configuration based on placement
policy.

Security fix(es):

CVE-2023-32314 vm2: Sandbox Escape
CVE-2023-32313 vm2: Inspect Manipulation

redhat 19

openvas 29

nessus 57

fedora 3

osv 17

oraclelinux 8

debian 2

almalinux 7

ibm 6

photon 5

slackware 1

ubuntu 3

cloudfoundry 1

f5 1

amazon 2

mageia 2

gentoo 2

prion 4

redhatcve 3

veracode 3

cve 3

github 2

cbl_mariner 9

rocky 1

ubuntucve 1

hackerone 2

debiancve 1

alpinelinux 2

cnvd 2

redos 1

redhat

(RHSA-2023:3353) Critical: Multicluster Engine for Kubernetes 2.0.9 security fixes and container updates

2023-05-30 15:51:08

(RHSA-2023:3379) Important: Red Hat Advanced Cluster Security for Kubernetes 3.73 security update

2023-05-31 11:14:52

(RHSA-2023:3342) Moderate: OpenShift Container Platform 4.13.4 CNF vRAN extras security update

2023-06-21 16:52:33

openvas

vm2 < 3.9.18 Multiple Vulnerabilities

2023-05-16 00:00:00

Ubuntu: Security Advisory (USN-5658-1)

2022-10-06 00:00:00

Slackware: Security Advisory (SSA:2022-278-01)

2022-10-06 00:00:00

nessus

EulerOS 2.0 SP5 : dhcp (EulerOS-SA-2023-1498)

2023-03-09 00:00:00

EulerOS 2.0 SP9 : dhcp (EulerOS-SA-2023-1097)

2023-01-06 00:00:00

EulerOS Virtualization 3.0.2.0 : dhcp (EulerOS-SA-2023-1727)

2023-05-07 00:00:00

fedora

[SECURITY] Fedora 37 Update: dhcp-4.4.3-4.P1.fc37

2022-10-17 22:55:45

[SECURITY] Fedora 35 Update: dhcp-4.4.3-4.P1.fc35

2022-10-26 17:35:20

[SECURITY] Fedora 36 Update: dhcp-4.4.3-4.P1.fc36

2022-10-14 13:03:27

osv

isc-dhcp vulnerabilities

2022-11-07 19:24:32

isc-dhcp - security update

2022-10-11 00:00:00

isc-dhcp vulnerabilities

2022-11-21 16:00:28

oraclelinux

dhcp security and enhancement update

2023-05-15 00:00:00

dhcp security and bug fix update

2023-05-24 00:00:00

device-mapper-multipath security and bug fix update

2023-05-24 00:00:00

debian

[SECURITY] [DSA 5251-1] isc-dhcp security update

2022-10-06 19:02:22

[SECURITY] [DLA 3146-1] isc-dhcp security update

2022-10-10 23:44:21

almalinux

Moderate: dhcp security and enhancement update

2023-05-09 00:00:00

Moderate: dhcp security and bug fix update

2023-05-16 00:00:00

Moderate: device-mapper-multipath security and bug fix update

2023-05-16 00:00:00

ibm

Security Bulletin: ISC DHCP server for IBM i is vulnerable to a denial of service attack due to a memory leak and refererence count overflow (CVE-2022-2928, CVE-2022-2929)

2022-12-02 14:12:59

Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring operands is vulnerable to arbitrary code execution due to [CVE-2023-32314]

2023-05-31 15:22:42

Security Bulletin: IBM App Connect Enterprise Certified Container IntegrationServer and IntegrationRuntime operands that run designer flows containing Box nodes are vulnerable to security restriction bypass due to [CVE-2023-32313]

2023-06-01 15:03:46

photon

Moderate Photon OS Security Update - PHSA-2022-0259

2022-10-06 00:00:00

Moderate Photon OS Security Update - PHSA-2022-4.0-0259

2022-10-06 00:00:00

Moderate Photon OS Security Update - PHSA-2023-5.0-0100

2023-09-26 00:00:00

slackware

[slackware-security] dhcp

2022-10-05 19:04:05

ubuntu

DHCP vulnerabilities

2022-11-21 00:00:00

DHCP vulnerabilities

2022-10-05 00:00:00

DHCP vulnerabilities

2022-11-07 00:00:00

cloudfoundry

USN-5658-1: DHCP vulnerabilities | Cloud Foundry

2022-12-07 00:00:00

K41133903 : ISC DHCP vulnerabilities CVE-2022-2928 CVE-2022-2929

2022-11-07 00:00:00

amazon

Medium: dhcp

2022-10-31 19:40:00

Low: libarchive

2023-11-29 22:20:00

mageia

Updated dhcp packages fix security vulnerability

2022-10-19 02:14:56

Updated libarchive packages fix security vulnerability

2022-12-14 01:09:19

gentoo

ISC DHCP: Multiple Vulnerabilities

2023-05-03 00:00:00

libarchive: Multiple Vulnerabilities

2023-09-29 00:00:00

prion

Remote code execution

2023-05-15 20:15:00

Command injection

2023-05-15 20:15:00

Authentication flaw

2023-03-30 20:15:00

redhatcve

CVE-2023-32313

2023-05-18 19:16:20

CVE-2023-32314

2023-05-18 19:16:15

CVE-2023-27535

2023-03-21 13:13:39

veracode

Remote Code Execution (RCE)

2023-05-17 00:31:21

Privilege Escalation

2022-11-19 14:27:14

Authentication Bypass

2023-03-21 00:27:47

cve

CVE-2023-32313

2023-05-15 20:15:09

CVE-2023-32314

2023-05-15 20:15:09

CVE-2023-27535

2023-03-30 20:15:07

github

vm2 vulnerable to Inspect Manipulation

2023-05-17 03:49:37

vm2 Sandbox Escape vulnerability

2023-05-15 20:50:51

cbl_mariner

CVE-2022-41973 affecting package device-mapper-multipath 0.8.6-1

2024-04-25 03:08:58

CVE-2023-27535 affecting package cmake 3.21.4-10

2024-03-19 17:21:46

CVE-2023-27535 affecting package mysql 8.0.33-1

2023-11-17 23:23:29

rocky

curl security and bug fix update

2023-05-18 19:18:14

ubuntucve

CVE-2023-27535

2023-03-20 00:00:00

hackerone

Internet Bug Bounty: CVE-2023-27535: FTP too eager connection reuse

2023-03-20 07:38:58

curl: CVE-2023-27535: FTP too eager connection reuse

2023-03-05 21:25:18

debiancve

CVE-2023-27535

2023-03-30 20:15:07

alpinelinux

CVE-2023-27535

2023-03-30 20:15:07

CVE-2022-36227

2022-11-22 02:15:00

cnvd

libarchive Code Execution Vulnerability

2022-11-24 00:00:00

A binary vulnerability exists in libarchive (CNVD-2022-90746)

2022-11-29 00:00:00

redos

ROS-20221216-01

2022-12-16 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

10 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.005 Low

EPSS

Percentile

77.0%

JSON

Related for RHSA-2023:3325