Lucene search

K
redhatRedHatRHSA-2023:4885
HistoryAug 30, 2023 - 4:22 p.m.

(RHSA-2023:4885) Important: Red Hat OpenShift support for Windows Containers 8.0.2 security update

2023-08-3016:22:49
access.redhat.com
13
red hat openshift
windows containers
kubernetes
privilege escalation
security update

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

30.7%

Red Hat OpenShift support for Windows Containers allows you to deploy Windows container workloads running on Windows Server containers.

Security Fix(es):

  • kubernetes: Insufficient input sanitization on Windows nodes leads to privilege escalation (CVE-2023-3676)

  • kubernetes: Insufficient input sanitization on Windows nodes leads to privilege escalation (CVE-2023-3955)

For more details about the security issue(s), including the impact, CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

30.7%