Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 5 |
CVE-ID | CVE-2023-2728 CVE-2023-2727 CVE-2023-5408 CVE-2023-3955 CVE-2023-3676 |
CWE-ID | CWE-264 CWE-20 |
Exploitation vector | Network |
Public exploit | Public exploit code for vulnerability #1 is available. |
Vulnerable software Subscribe |
Cloud Pak for Data Client/Desktop applications / Other client software |
Vendor | IBM Corporation |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
EUVDB-ID: #VU77526
Risk: Medium
CVSSv3.1: 5.9 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:P/RL:O/RC:C]
CVE-ID: CVE-2023-2728
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: Yes
DescriptionThe vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to improperly imposed security restrictions. A remote user can launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers.Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with ephemeral containers.
Install update from vendor's website.
Vulnerable software versionsCloud Pak for Data: before 4.8.5
External linkshttp://www.ibm.com/support/pages/node/7164097
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
EUVDB-ID: #VU77525
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-2727
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote user to bypass implemented security restrictions.
The vulnerability exists due to improperly imposed security restrictions. A remote user can launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers.
Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.
Install update from vendor's website.
Vulnerable software versionsCloud Pak for Data: before 4.8.5
External linkshttp://www.ibm.com/support/pages/node/7164097
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU82607
Risk: Low
CVSSv3.1: 5.8 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-5408
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to improperly imposed security restrictions in the node restriction admission plugin of the kubernetes api server of OpenShift. A local user can modify the node role label and steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the cluster.
Install update from vendor's website.
Vulnerable software versionsCloud Pak for Data: before 4.8.5
External linkshttp://www.ibm.com/support/pages/node/7164097
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU80008
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-3955
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on Windows nodes.
The vulnerability exists due to improper input validation. A remote user with ability to create pods on Windows nodes can obtain administrative privileges on these nodes. MitigationInstall update from vendor's website.
Vulnerable software versionsCloud Pak for Data: before 4.8.5
External linkshttp://www.ibm.com/support/pages/node/7164097
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU80006
Risk: Medium
CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-3676
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on Windows nodes.
The
vulnerability exists due to improper input validation. A remote
user with ability to create pods on Windows nodes can obtain
administrative privileges on these nodes.
Install update from vendor's website.
Vulnerable software versionsCloud Pak for Data: before 4.8.5
External linkshttp://www.ibm.com/support/pages/node/7164097
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.