CVE-2023-0923 Vulnerability Details

  /     /     /  

CVE-2023-0923 Metadata Quick Info

CVE Published: 15/09/2023 | CVE Updated: 02/08/2024 | CVE Year: 2023
Source: redhat | Vendor: Red Hat | Product: RHODS-1.22-RHEL-8
Status : PUBLISHED

---

CVE-2023-0923 Description

A flaw was found in the Kubernetes service for notebooks in RHODS, where it does not prevent pods from other namespaces and applications from making requests to the Jupyter API. This flaw can lead to file content exposure and other issues.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-862
CWE Name: Missing Authorization
Source: Red Hat

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).