Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-3089

A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

Published

2023-07-05T13:15:09.707

Last Modified

2024-11-21T08:16:25.273

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.0 (HIGH)

Weaknesses
  • Type: Secondary
    CWE-693
  • Type: Primary
    CWE-521
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application redhat openshift_container_platform 4.10 Yes
Operating System redhat enterprise_linux 7.0 No
Operating System redhat enterprise_linux 8.0 No
Application redhat openshift_container_platform_for_linuxone 4.10 Yes
Application redhat openshift_container_platform_for_linuxone 4.11 Yes
Application redhat openshift_container_platform_for_power 4.10 Yes
Application redhat openshift_container_platform_for_power 4.11 Yes
Application redhat openshift_container_platform_ibm_z_systems 4.10 Yes
Application redhat openshift_container_platform_ibm_z_systems 4.11 Yes
Operating System redhat enterprise_linux 8.0 No
Application redhat openshift_container_platform_for_arm64 4.10 Yes
Application redhat openshift_container_platform_for_arm64 4.11 Yes
Application redhat openshift_container_platform_for_arm64 4.12 Yes
Application redhat openshift_container_platform_for_linuxone 4.12 Yes
Application redhat openshift_container_platform_for_power 4.12 Yes
Application redhat openshift_container_platform_ibm_z_systems 4.12 Yes
Operating System redhat enterprise_linux 8.0 No
Operating System redhat enterprise_linux 9.0 No
Application redhat openshift_container_platform_for_arm64 4.12 Yes
Operating System redhat enterprise_linux 8.0 No
Operating System redhat enterprise_linux 9.0 No
References