SB2024080951 - Multiple vulnerabilities in IBM Cloud Pak for Data 

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024080951

SB2024080951 - Multiple vulnerabilities in IBM Cloud Pak for Data

Published: August 9, 2024 Updated: September 6, 2024

Security Bulletin ID SB2024080951
Severity
Medium
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 80% Low 20%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-2728)

The vulnerability allows a remote user to bypass implemented security restrictions.

The vulnerability exists due to improperly imposed security restrictions. A remote user can launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plugin when using ephemeral containers.

Kubernetes clusters are only affected if the ServiceAccount admission plugin and the kubernetes.io/enforce-mountable-secrets annotation are used together with ephemeral containers.


2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-2727)

The vulnerability allows a remote user to bypass implemented security restrictions.

The vulnerability exists due to improperly imposed security restrictions. A remote user can launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers.

Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral containers.


3) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2023-5408)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improperly imposed security restrictions in the node restriction admission plugin of the kubernetes api server of OpenShift. A local user can modify the node role label and steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the cluster.


4) Input validation error (CVE-ID: CVE-2023-3955)

The vulnerability allows a remote user to escalate privileges on Windows nodes.

The vulnerability exists due to improper input validation. A remote user with ability to create pods on Windows nodes can obtain administrative privileges on these nodes.

5) Input validation error (CVE-ID: CVE-2023-3676)

The vulnerability allows a remote user to escalate privileges on Windows nodes.

The vulnerability exists due to improper input validation. A remote user with ability to create pods on Windows nodes can obtain administrative privileges on these nodes.


Remediation

Install update from vendor's website.

References