Main Vulnerability Database SB2023062636

SB2023062636 - Multiple vulnerabilities in OpenShift Container Platform 4.10

Published: June 26, 2023

Security Bulletin ID SB2023062636

Severity

Medium

Patch available

YES

Number of vulnerabilities 6

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.

1) Input validation error (CVE-ID: CVE-2022-41966)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied XML input. A remote attacker can pass specially crafted data to the application, trigger a stack overflow error and perform a denial of service (DoS) attack.

2) Input validation error (CVE-ID: CVE-2023-20860)

The vulnerability allows a remote attacker to bypass implemented security restrictions.

The vulnerability exists due to an input validation error caused by using the wildcard ("**") as a pattern in Spring Security configuration with the mvcRequestMatcher, which creates a mismatch in pattern matching between Spring Security and Spring MVC. A remote attacker can bypass certain security restrictions.

3) Stored cross-site scripting (CVE-ID: CVE-2023-32977)

The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.

The vulnerability exists due to insufficient sanitization of user-supplied data. A remote user can inject and execute arbitrary HTML and script code in user's browser in context of vulnerable website.

Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.

4) Information disclosure (CVE-ID: CVE-2023-32979)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the affected plugin does not perform a permission check in a method implementing form validation. A remote user can gain unauthorized access to sensitive information on the system.

5) Cross-site request forgery (CVE-ID: CVE-2023-32980)

The vulnerability allows a remote attacker to perform cross-site request forgery attacks.

The vulnerability exists due to insufficient validation of the HTTP request origin. A remote attacker can trick the victim to visit a specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website.

6) Path traversal (CVE-ID: CVE-2023-32981)

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to input validation error when processing directory traversal sequences. A remote user can send a specially crafted HTTP request and create or replace arbitrary files on the system.

Remediation

Install update from vendor's website.

References

https://access.redhat.com/errata/RHSA-2023:3625

Vulnerable Software

Red Hat OpenShift Container Platform: 4.10 - 4.10.61
openshift-clients (Red Hat package): before 4.10.0-202306081029.p0.g3a7500d.assembly.stream.el7
openshift-ansible (Red Hat package): before 4.10.0-202306081029.p0.g72c7be6.assembly.stream.el7
openshift (Red Hat package): before 4.10.0-202306081029.p0.g16bcd69.assembly.stream.el7
kernel-rt (Red Hat package): before 4.18.0-305.93.1.rt7.168.el8_4
kernel (Red Hat package): before 4.18.0-305.93.1.el8_4
jenkins (Red Hat package): before 2.401.1.1685677065-1.el8
jenkins-2-plugins (Red Hat package): before 4.10.1685679861-1.el8
cri-o (Red Hat package): before 1.23.5-16.rhaos4.10.gitbb2cc9a.el7

SB2023062636 - Multiple vulnerabilities in OpenShift Container Platform 4.10

Breakdown by Severity

Description

Remediation

References

Please verify you're human