CVE-2022-3248

Опубликовано: 05 окт. 2023

Источник: nvd

CVSS3: 4.4

CVSS3: 7.5

EPSS Низкий

Описание

A flaw was found in OpenShift API, as admission checks do not enforce "custom-host" permissions. This issue could allow an attacker to violate the boundaries, as permissions will not be applied.

Ссылки

https://access.redhat.com/security/cve/CVE-2022-3248
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2072188
Issue Tracking
Vendor Advisory
https://access.redhat.com/security/cve/CVE-2022-3248
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2072188
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:advanced_cluster_management_for_kubernetes:2.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 14%

0.00046

Низкий

4.4 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-863

Связанные уязвимости

CVE-2022-3248

CVSS3: 4.4

redhat

больше 2 лет назад

A flaw was found in OpenShift API, as admission checks do not enforce "custom-host" permissions. This issue could allow an attacker to violate the boundaries, as permissions will not be applied.

GHSA-4rc4-8xqr-5g82

CVSS3: 4.4

github

больше 2 лет назад

A flaw was found in OpenShift API, as admission checks do not enforce "custom-host" permissions. This issue could allow an attacker to violate the boundaries, as permissions will not be applied.

EPSS

Процентиль: 14%

0.00046

Низкий

4.4 Medium

CVSS3

7.5 High

CVSS3

Дефекты

CWE-863