Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2023-3089
HistoryJul 05, 2023 - 12:17 p.m.

CVE-2023-3089

2023-07-0512:17:52
redhat.com
access.redhat.com
19
red hat
openshift
container platform
fips mode
compliance
cryptographic modules
validation
cve-2023-3089
mitigation

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

44.9%

JSON

A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

Mitigation

Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected packages as soon as possible.

Related

nessus 11
nvd 1
prion 1
redhat 40
cve 1
cvelist 1
nessus
nessus
RHEL 8 / 9 : OpenShift Container Platform 4.12.23 (RHSA-2023:3924)
2024-04-28 00:00:00
RHCOS 4 : OpenShift Container Platform 4.12.23 (RHSA-2023:3924)
2024-01-24 00:00:00
RHEL 8 : Release of OpenShift Serverless Client kn 1.29.1 (Moderate) (RHSA-2023:4471)
2024-04-28 00:00:00
nvd
nvd
CVE-2023-3089
2023-07-05 13:15:09
prion
prion
Design/Logic Flaw
2023-07-05 13:15:00
redhat
redhat
(RHSA-2023:4471) Moderate: Release of OpenShift Serverless Client kn 1.29.1
2023-08-03 14:52:16
(RHSA-2023:3924) Moderate: OpenShift Container Platform 4.12.23 security update
2023-07-06 14:04:22
(RHSA-2023:4862) Critical: Multicluster Engine for Kubernetes 2.3.1 security updates and bug fixes
2023-08-29 14:04:31
cve
cve
CVE-2023-3089
2023-07-05 13:15:09
cvelist
cvelist
CVE-2023-3089 Ocp & fips mode
2023-07-05 12:21:03

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

44.9%

JSON
Related for RH:CVE-2023-3089
nessus11nvd1prion1redhat40cve1cvelist1