Multiple vulnerabiltiies in Red Hat OpenShift Service Mesh Containers 2.2
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 6 |
| CVE-ID | CVE-2023-27487 CVE-2023-27488 CVE-2023-27491 CVE-2023-27492 CVE-2023-27493 CVE-2023-27496 |
| CWE-ID | CWE-20 CWE-770 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
OpenShift Service Mesh Server applications / Virtualization software |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
1) Input validation error
EUVDB-ID: #VU74480
Risk: High
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-27487
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to insufficient validation of user-supplied input in the "header x-envoy-original-path". A remote attacker can gain access to sensitive information on the system.
MitigationInstall updates from vendor's website.
OpenShift Service Mesh: 2.2.0 - 2.2.8
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2023:4623
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Input validation error
EUVDB-ID: #VU74474
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-27488
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input when "failure_mode_allow: true" is configured for ext_authz filter. A remote attacker can pass specially crafted input to the application and gain elevated privileges on the target system.
MitigationInstall updates from vendor's website.
OpenShift Service Mesh: 2.2.0 - 2.2.8
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2023:4623
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Input validation error
EUVDB-ID: #VU74477
Risk: Medium
CVSSv3.1: 4.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-27491
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to insufficient validation of user-supplied input within the HTTP/2 and HTTP/3 downstream headers. A remote attacker can bypass the security policies.
MitigationInstall updates from vendor's website.
OpenShift Service Mesh: 2.2.0 - 2.2.8
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2023:4623
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Allocation of Resources Without Limits or Throttling
EUVDB-ID: #VU74476
Risk: Medium
CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-27492
CWE-ID:
CWE-770 - Allocation of Resources Without Limits or Throttling
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists when a large request body is processed in Lua filter. A remote user can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
OpenShift Service Mesh: 2.2.0 - 2.2.8
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2023:4623
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Input validation error
EUVDB-ID: #VU74475
Risk: High
CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-27493
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to the affected application does not sanitize or escape request properties when generating request headers. A remote attacker can cause request smuggling and bypass of security policies.
MitigationInstall updates from vendor's website.
OpenShift Service Mesh: 2.2.0 - 2.2.8
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2023:4623
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) Input validation error
EUVDB-ID: #VU74473
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2023-27496
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when a redirect url without a state param is received in the oauth filter. A remote attacker can pass specially crafted input to the application and perform a denial of service (DoS) attack.
MitigationInstall updates from vendor's website.
OpenShift Service Mesh: 2.2.0 - 2.2.8
CPE2.3 External linkshttp://access.redhat.com/errata/RHSA-2023:4623
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
