OpenShift Container Platform 4.13 update for vault

Published: 2023-05-18

Risk	High
Patch available	YES
Number of vulnerabilities	2
CVE-ID	CVE-2020-16251 CVE-2021-43998
CWE-ID	CWE-287 CWE-264
Exploitation vector	Network
Public exploit	N/A
Vulnerable software Subscribe	Red Hat OpenShift Container Platform Client/Desktop applications / Software for system administration
Vendor	Red Hat Inc.

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Improper Authentication

EUVDB-ID: #VU46233

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-16251

CWE-ID: CWE-287 - Improper Authentication

Exploit availability: No

Description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

HashiCorp Vault and Vault Enterprise versions 0.8.3 and newer, when configured with the GCP GCE auth method, may be vulnerable to authentication bypass. Fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Red Hat OpenShift Container Platform: before 4.13.0

External links

http://access.redhat.com/errata/RHSA-2023:2138

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU66115

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-43998

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls