CVE-2023-3089

Опубликовано: 05 июл. 2023

Источник: nvd

CVSS3: 7

CVSS3: 7.5

EPSS Низкий

Описание

A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

Ссылки

https://access.redhat.com/security/cve/CVE-2023-3089
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2212085
Issue Tracking
Vendor Advisory
https://access.redhat.com/security/cve/CVE-2023-3089
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2212085
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:redhat:openshift_container_platform:4.10:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

Одно из

cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.10:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.11:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform_for_power:4.10:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform_for_power:4.11:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform_ibm_z_systems:4.10:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform_ibm_z_systems:4.11:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Конфигурация 3

Одно из

cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.10:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.11:*:*:*:*:*:*:*

Конфигурация 4

Одновременно

Одно из

cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.12:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.12:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform_for_power:4.12:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform_ibm_z_systems:4.12:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

Конфигурация 5

Одновременно

cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.12:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 16%

0.00053

Низкий

7 High

CVSS3

7.5 High

CVSS3

Дефекты

CWE-693

CWE-521

Связанные уязвимости

CVE-2023-3089

CVSS3: 6.5

redhat

больше 2 лет назад

A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

GHSA-wj5p-x3cr-46w8

CVSS3: 7

github

больше 2 лет назад

A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

EPSS

Процентиль: 16%

0.00053

Низкий

7 High

CVSS3

7.5 High

CVSS3

Дефекты

CWE-693

CWE-521