
CVSS: 6.3 | EPSS: 0% | CPEs: 2 | EXPL: 0

A flaw was found in github.com/openshift/apiserver-library-go, used in OpenShift 4.12 and 4.11, that can allow low-privileged users to set the seccomp profile for pods they control to "unconfined." By default, the seccomp profile used in the restricted-v2 Security Context Constraint (SCC) is "runtime/default"; this flaw lets users disable seccomp for pods they can create and modify.

References:
- https://bugzilla.redhat.com/show_bug.cgi?id=2160349
- https://access.redhat.com/security/cve/CVE-2023-0229

CWE-20: Improper Input Validation

CVSS: 6.5 | EPSS: 0% | CPEs: 29 | EXPL: 0

An uncontrolled resource consumption vulnerability was discovered in HAProxy that could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability.

References:
- https://access.redhat.com/security/cve/CVE-2023-0056
- https://bugzilla.redhat.com/show_bug.cgi?id=2160808

CWE-400: Uncontrolled Resource Consumption

CVSS: 5.3 | EPSS: 0% | CPEs: 1 | EXPL: 0

The Birthday attack against 64-bit block ciphers (CVE-2016-2183) was reported for the health checks port (9979) on the etcd grpc-proxy component. Even though CVE-2016-2183 has been fixed in the etcd components, enabling periodic health checks from kubelet required opening a new port (9979) on etcd grpc-proxy, so this port might be considered still vulnerable to the same type of weakness. The health checks on etcd grpc-proxy do not contain sensitive data (only metrics data), so the potential impact of this vulnerability is minimal. CVE-2023-0296 has been assigned to this issue to track the permanent fix in the etcd component.

References:
- https://bugzilla.redhat.com/show_bug.cgi?id=2161287
- https://access.redhat.com/security/cve/CVE-2023-0296

CWE-327: Use of a Broken or Risky Cryptographic Algorithm