Openshift: incomplete fix for rapid reset (cve-2023-44487/cve-2023-39325)
CVE-2023-6596
7.5HIGH
Key Information
- Vendor
- Red Hat
- Status
- Red Hat Openshift Container Platform 4.11
- Red Hat Openshift Container Platform 4.12
- Red Hat Openshift Container Platform 4
- Vendor
- CVE Published:
- 25 April 2024
Summary
An incomplete fix was shipped for the Rapid Reset (CVE-2023-44487/CVE-2023-39325) vulnerability for an OpenShift Containers.
Affected Version(s)
Red Hat OpenShift Container Platform 4.11 <= v4.11.0-202401301508.p0.g5ea0428.assembly.stream
Red Hat OpenShift Container Platform 4.12 <= v4.12.0-202401190520.p0.g4b287bd.assembly.stream
CVSS V3.1
Score:
7.5
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Risk change from: null to: 7.5 - (HIGH)
Vulnerability published.
Reported to Red Hat.
Collectors
NVD DatabaseMitre Database