CVE-2023-4853 – Quarkus: http security policy bypass
https://notcve.org/view.php?id=CVE-2023-4853
A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. This issue could allow an attacker to bypass the security policy altogether, resulting in unauthorized endpoint access and possibly a denial of service. Se encontró una falla en Quarkus donde las políticas de seguridad HTTP no sanitiza correctamente ciertas permutaciones de caracteres al aceptar solicitudes, lo que resulta en una evaluación incorrecta de los permisos. Este problema podría permitir que un atacante eluda la política de seguridad por completo, lo que resultaría en un acceso no autorizado al endpoint y posiblemente una Denegación de Servicio. • https://access.redhat.com/errata/RHSA-2023:5170 https://access.redhat.com/errata/RHSA-2023:5310 https://access.redhat.com/errata/RHSA-2023:5337 https://access.redhat.com/errata/RHSA-2023:5446 https://access.redhat.com/errata/RHSA-2023:5479 https://access.redhat.com/errata/RHSA-2023:5480 https://access.redhat.com/errata/RHSA-2023:6107 https://access.redhat.com/errata/RHSA-2023:6112 https://access.redhat.com/errata/RHSA-2023:7653 https://access.redhat.com/security/cve • CWE-148: Improper Neutralization of Input Leaders CWE-863: Incorrect Authorization •
CVE-2023-3223 – Undertow: outofmemoryerror due to @multipartconfig handling
https://notcve.org/view.php?id=CVE-2023-3223
A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null. Se encontró una falla en el undertow. • https://access.redhat.com/errata/RHSA-2023:4505 https://access.redhat.com/errata/RHSA-2023:4506 https://access.redhat.com/errata/RHSA-2023:4507 https://access.redhat.com/errata/RHSA-2023:4509 https://access.redhat.com/errata/RHSA-2023:4918 https://access.redhat.com/errata/RHSA-2023:4919 https://access.redhat.com/errata/RHSA-2023:4920 https://access.redhat.com/errata/RHSA-2023:4921 https://access.redhat.com/errata/RHSA-2023:4924 https://access.redhat.com/errata/RHSA • CWE-789: Memory Allocation with Excessive Size Value •
CVE-2023-0264 – keycloak: user impersonation via stolen uuid code
https://notcve.org/view.php?id=CVE-2023-0264
A flaw was found in Keycloaks OpenID Connect user authentication, which may incorrectly authenticate requests. An authenticated attacker who could obtain information from a user request within the same realm could use that data to impersonate the victim and generate new session tokens. This issue could impact confidentiality, integrity, and availability. Se ha encontrado un fallo en la autenticación de usuarios en OpenID Connect de Keycloak, que podría autenticar incorrectamente las solicitudes. Un atacante autenticado que pudiera obtener información de una solicitud de usuario dentro del mismo entorno, podría utilizar esos datos para hacerse pasar por la víctima y generar nuevos tokens de sesión. • https://github.com/twwd/CVE-2023-0264 https://access.redhat.com/security/cve/CVE-2023-0264 https://bugzilla.redhat.com/show_bug.cgi?id=2160585 • CWE-287: Improper Authentication CWE-303: Incorrect Implementation of Authentication Algorithm •
CVE-2023-1260 – Kube-apiserver: privesc
https://notcve.org/view.php?id=CVE-2023-1260
An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch one that they already have access to. This might allow evasion of SCC admission restrictions, thereby gaining control of a privileged pod. Se descubrió una vulnerabilidad de omisión de autenticación en kube-apiserver. • https://access.redhat.com/errata/RHSA-2023:3976 https://access.redhat.com/errata/RHSA-2023:4093 https://access.redhat.com/errata/RHSA-2023:4312 https://access.redhat.com/errata/RHSA-2023:4898 https://access.redhat.com/errata/RHSA-2023:5008 https://access.redhat.com/security/cve/CVE-2023-1260 https://bugzilla.redhat.com/show_bug.cgi?id=2176267 https://github.com/advisories/GHSA-92hx-3mh6-hc49 https://security.netapp.com/advisory/ntap-20231020-0010 • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVE-2023-3089 – Ocp & fips mode
https://notcve.org/view.php?id=CVE-2023-3089
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. • https://access.redhat.com/security/cve/CVE-2023-3089 https://bugzilla.redhat.com/show_bug.cgi?id=2212085 https://access.redhat.com/security/vulnerabilities/RHSB-2023-001 • CWE-521: Weak Password Requirements CWE-693: Protection Mechanism Failure •