An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impact is to availability.
References
Link | Resource |
---|---|
https://access.redhat.com/security/cve/CVE-2023-0056 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
|
History
03 Apr 2023, 17:42
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:redhat:openshift_container_platform_for_power:4.12:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:* cpe:2.3:a:fedoraproject:extra_packages_for_enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform:4.11:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_power:4.10:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:ceph_storage:5.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform:4.10:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform:4.12:*:*:*:*:*:arm64:* cpe:2.3:a:redhat:openshift_container_platform_ibm_z_systems:4.11:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform:4.11:*:*:*:*:*:arm64:* cpe:2.3:a:redhat:openshift_container_platform_for_ibm_linuxone:4.11:*:*:*:*:*:*:* cpe:2.3:a:haproxy:haproxy:-:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform:4.10:*:*:*:*:*:arm64:* cpe:2.3:a:redhat:openshift_container_platform_for_ibm_linuxone:4.10:*:*:*:*:*:*:* cpe:2.3:a:redhat:software_collections:-:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_ibm_z_systems:4.10:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_power:4.11:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_ibm_linuxone:4.12:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_ibm_z_systems:4.12:*:*:*:*:*:*:* |
|
References | (MISC) https://access.redhat.com/security/cve/CVE-2023-0056 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
CWE | CWE-400 | |
First Time |
Fedoraproject extra Packages For Enterprise Linux
Redhat openshift Container Platform For Ibm Linuxone Redhat ceph Storage Haproxy haproxy Redhat software Collections Redhat openshift Container Platform For Power Redhat openshift Container Platform Ibm Z Systems Fedoraproject fedora Redhat openshift Container Platform Haproxy Redhat Redhat enterprise Linux Fedoraproject |
23 Mar 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-03-23 21:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-0056
Mitre link : CVE-2023-0056
CVE.ORG link : CVE-2023-0056
JSON object : View
Products Affected
redhat
- software_collections
- openshift_container_platform_for_ibm_linuxone
- openshift_container_platform_ibm_z_systems
- enterprise_linux
- openshift_container_platform_for_power
- openshift_container_platform
- ceph_storage
haproxy
- haproxy
fedoraproject
- extra_packages_for_enterprise_linux
- fedora
CWE
CWE-400
Uncontrolled Resource Consumption