Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-5408

A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the cluster.

Published

2023-11-02T03:15:10.230

Last Modified

2024-11-21T08:41:42.800

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.2 (HIGH)

Weaknesses

Type: Secondary
CWE-269
Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	redhat	openshift_container_platform	4.11	Yes
Application	redhat	openshift_container_platform	4.12	Yes
Application	redhat	openshift_container_platform	4.13	Yes
Application	redhat	openshift_container_platform	4.14	Yes

References

https://access.redhat.com/errata/RHSA-2023:5006 Vendor Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2023:6130 Vendor Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2023:6842 Vendor Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2023:7479 Vendor Advisory ([email protected])
https://access.redhat.com/security/cve/CVE-2023-5408 Vendor Advisory ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=2242173 Issue Tracking, Vendor Advisory ([email protected])
https://github.com/openshift/kubernetes/pull/1736 Issue Tracking ([email protected])
https://access.redhat.com/errata/RHSA-2023:5006 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:6130 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:6842 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2023:7479 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/security/cve/CVE-2023-5408 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=2242173 Issue Tracking, Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/openshift/kubernetes/pull/1736 Issue Tracking (af854a3a-2127-422b-91ae-364da2661108)