Lucene search
+L

15 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:32 a.m.41 views

Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by a Kubernetes API server security vulnerability (CVE-2023-1260)

Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability in the Kubernetes API server that may allow an authenticated user evade security context constraints SCCs admission restrictions, thereby gaining control of a privileged pod CVE-2023-1260. Vulnerability Details CVEID:...

8CVSS8.1AI score0.01569EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.25 views

RHEL 9 : Red Hat build of MicroShift 4.14.0 (RHSA-2023:5008)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5008 advisory. Red Hat build of MicroShift is Red Hat's light-weight Kubernetes orchestration solution designed for edge device deployments and is built fr...

8CVSS7.2AI score0.02157EPSS
Exploits1References61
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.17 views

RHEL 8 : OpenShift Container Platform 4.11.46 (RHSA-2023:4312)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:4312 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud...

8CVSS7.6AI score0.01569EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.29 views

RHEL 8 / 9 : OpenShift Container Platform 4.12.24 (RHSA-2023:3976)

The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3976 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...

8CVSS7.6AI score0.01569EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/04/23 12:0 a.m.26 views

RHEL 7 / 8 : OpenShift Container Platform 4.10.67 (RHSA-2023:4898)

The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:4898 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private clo...

8CVSS7.6AI score0.01569EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/01/24 12:0 a.m.26 views

RHCOS 4 : OpenShift Container Platform 4.12.24 (RHSA-2023:3976)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3976 advisory. - kube-apiserver: PrivEsc CVE-2023-1260 Note that Nessus has not tested for this issue but has instead relied only on the application's...

8CVSS7.3AI score0.01569EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/10/31 2:23 p.m.49 views

Important: Red Hat Security Advisory: Red Hat build of MicroShift 4.14.0 security update

Red Hat build of MicroShift release 4.14.0 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...

8CVSS6.7AI score0.02157EPSS
Exploits1References53
NVD
NVD
added 2023/09/24 1:15 a.m.32 views

CVE-2023-1260

An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch...

8CVSS7.8AI score0.01569EPSS
Exploits0References9
Cvelist
Cvelist
added 2023/09/24 12:7 a.m.32 views

CVE-2023-1260 Kube-apiserver: privesc

An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch...

8CVSS8AI score0.01569EPSS
Exploits0References9
CVE
CVE
added 2023/09/24 12:7 a.m.2655 views

CVE-2023-1260

CVE-2023-1260 describes an authentication bypass in kube-apiserver within Red Hat OpenShift Container Platform, enabling an authenticated user with update/patch rights on pods/ephemeralcontainers to bypass SCC admission restrictions and gain control of a privileged pod. Affected OpenShift version...

8CVSS7.7AI score0.01569EPSS
Exploits0References9Affected Software1
RedHat Linux
RedHat Linux
added 2023/09/06 1:21 a.m.36 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.10.67 security update

Red Hat OpenShift Container Platform release 4.10.67 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.10. Red Hat Product Security has rated this update as having a...

8CVSS7.2AI score0.01569EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2023/08/02 1:12 a.m.28 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.11.46 security update

Red Hat OpenShift Container Platform release 4.11.46 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a...

8CVSS7.2AI score0.01569EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/07/20 5:32 p.m.373 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.13.5 security update

Red Hat OpenShift Container Platform release 4.13.5 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a...

9.8CVSS6.7AI score0.02281EPSS
Exploits1References12
RedHat Linux
RedHat Linux
added 2023/07/12 4:10 a.m.22 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.12.24 packages and security update

Red Hat OpenShift Container Platform release 4.12.24 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a...

8CVSS7.2AI score0.01569EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2023/04/04 9:43 p.m.43 views

CVE-2023-1260

An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch...

8CVSS7.6AI score0.01569EPSS
Exploits0References4
Rows per page
Query Builder