CVE-2023-5408 Vulnerability Details

  /     /     /  

CVE-2023-5408 Metadata Quick Info

CVE Published: 02/11/2023 | CVE Updated: 23/11/2024 | CVE Year: 2023
Source: redhat | Vendor: Red Hat | Product: Red Hat OpenShift Container Platform 4.11
Status : PUBLISHED

---

CVE-2023-5408 Description

A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the cluster.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-269
CWE Name: Improper Privilege Management
Source: Red Hat

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).