CVE-2023-4853 – Quarkus: http security policy bypass
https://notcve.org/view.php?id=CVE-2023-4853
A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. This issue could allow an attacker to bypass the security policy altogether, resulting in unauthorized endpoint access and possibly a denial of service. Se encontró una falla en Quarkus donde las políticas de seguridad HTTP no sanitiza correctamente ciertas permutaciones de caracteres al aceptar solicitudes, lo que resulta en una evaluación incorrecta de los permisos. Este problema podría permitir que un atacante eluda la política de seguridad por completo, lo que resultaría en un acceso no autorizado al endpoint y posiblemente una Denegación de Servicio. • https://access.redhat.com/errata/RHSA-2023:5170 https://access.redhat.com/errata/RHSA-2023:5310 https://access.redhat.com/errata/RHSA-2023:5337 https://access.redhat.com/errata/RHSA-2023:5446 https://access.redhat.com/errata/RHSA-2023:5479 https://access.redhat.com/errata/RHSA-2023:5480 https://access.redhat.com/errata/RHSA-2023:6107 https://access.redhat.com/errata/RHSA-2023:6112 https://access.redhat.com/errata/RHSA-2023:7653 https://access.redhat.com/security/cve • CWE-148: Improper Neutralization of Input Leaders CWE-863: Incorrect Authorization •
CVE-2023-4065 – Operator: plaintext password in operator log
https://notcve.org/view.php?id=CVE-2023-4065
A flaw was found in Red Hat AMQ Broker Operator, where it displayed a password defined in ActiveMQArtemisAddress CR, shown in plain text in the Operator Log. This flaw allows an authenticated local attacker to access information outside of their permissions. Se encontró una falla en Red Hat AMQ Broker Operador, donde mostraba una contraseña definida en ActiveMQArtemisAddress CR, que se muestra en texto plano en el Registro del Operador. Esta falla permite que un atacante local autenticado acceda a información fuera de sus permisos. • https://access.redhat.com/errata/RHSA-2023:4720 https://access.redhat.com/security/cve/CVE-2023-4065 https://bugzilla.redhat.com/show_bug.cgi?id=2224630 • CWE-117: Improper Output Neutralization for Logs CWE-276: Incorrect Default Permissions •
CVE-2023-4066 – Operator: passwords defined in secrets shown in statefulset yaml
https://notcve.org/view.php?id=CVE-2023-4066
A flaw was found in Red Hat's AMQ Broker, which stores certain passwords in a secret security-properties-prop-module, defined in ActivemqArtemisSecurity CR; however, they are shown in plaintext in the StatefulSet details yaml of AMQ Broker. Se encontró una falla en AMQ Broker de Red Hat, que almacena ciertas contraseñas en un módulo secreto de propiedades de seguridad definido en ActivemqArtemisSecurity CR; sin embargo, se muestran en texto plano en el yaml de detalles de StatefulSet de AMQ Broker. • https://access.redhat.com/errata/RHSA-2023:4720 https://access.redhat.com/security/cve/CVE-2023-4066 https://bugzilla.redhat.com/show_bug.cgi?id=2224677 • CWE-312: Cleartext Storage of Sensitive Information CWE-313: Cleartext Storage in a File or on Disk •
CVE-2023-3223 – Undertow: outofmemoryerror due to @multipartconfig handling
https://notcve.org/view.php?id=CVE-2023-3223
A flaw was found in undertow. Servlets annotated with @MultipartConfig may cause an OutOfMemoryError due to large multipart content. This may allow unauthorized users to cause remote Denial of Service (DoS) attack. If the server uses fileSizeThreshold to limit the file size, it's possible to bypass the limit by setting the file name in the request to null. Se encontró una falla en el undertow. • https://access.redhat.com/errata/RHSA-2023:4505 https://access.redhat.com/errata/RHSA-2023:4506 https://access.redhat.com/errata/RHSA-2023:4507 https://access.redhat.com/errata/RHSA-2023:4509 https://access.redhat.com/errata/RHSA-2023:4918 https://access.redhat.com/errata/RHSA-2023:4919 https://access.redhat.com/errata/RHSA-2023:4920 https://access.redhat.com/errata/RHSA-2023:4921 https://access.redhat.com/errata/RHSA-2023:4924 https://access.redhat.com/errata/RHSA • CWE-789: Memory Allocation with Excessive Size Value •
CVE-2023-1260 – Kube-apiserver: privesc
https://notcve.org/view.php?id=CVE-2023-1260
An authentication bypass vulnerability was discovered in kube-apiserver. This issue could allow a remote, authenticated attacker who has been given permissions "update, patch" the "pods/ephemeralcontainers" subresource beyond what the default is. They would then need to create a new pod or patch one that they already have access to. This might allow evasion of SCC admission restrictions, thereby gaining control of a privileged pod. Se descubrió una vulnerabilidad de omisión de autenticación en kube-apiserver. • https://access.redhat.com/errata/RHSA-2023:3976 https://access.redhat.com/errata/RHSA-2023:4093 https://access.redhat.com/errata/RHSA-2023:4312 https://access.redhat.com/errata/RHSA-2023:4898 https://access.redhat.com/errata/RHSA-2023:5008 https://access.redhat.com/security/cve/CVE-2023-1260 https://bugzilla.redhat.com/show_bug.cgi?id=2176267 https://github.com/advisories/GHSA-92hx-3mh6-hc49 https://security.netapp.com/advisory/ntap-20231020-0010 • CWE-288: Authentication Bypass Using an Alternate Path or Channel •