CVE-2023-0923

Sažetak

A flaw was found in the Kubernetes service for notebooks in RHODS, where it does not prevent pods from other namespaces and applications from making requests to the Jupyter API. This flaw can lead to file content exposure and other issues.

Reference

https://access.redhat.com/errata/RHSA-2023:0977
https://access.redhat.com/security/cve/CVE-2023-0923
https://bugzilla.redhat.com/show_bug.cgi?id=2171870

CVSS

Base:	9.8
Impact:	5.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

03-05-2024 - 16:15

Objavljeno

15-09-2023 - 21:15