VDB

RHSA-2023%3A3609

RHSA-2023%3A3609 PUBLISHED CVSS 5.099999904632568 MEDIUM

A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This issue leads to the client performing unexpected actions and forwarding the client's API server credentials to third parties.

Risk Scores

CVSS 3.1
5.099999904632568
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L

Affected Products

VendorProductVersions
Red Hatodf4/odf-rhel8-operator@sha256:f3d12e90b7a2bb44e15da2b9082afc361c1e1555e8c2bd24a022cd00ea755838_amd64 as a component of RHODF 4.12 for RHEL 8odf4/odf-rhel8-operator@sha256:f3d12e90b7a2bb44e15da2b9082afc361c1e1555e8c2bd24a022cd00ea755838_amd64
Red Hatodf4/mcg-operator-bundle@sha256:321acbfdd6b022f2439c1c8fa8772c79d2ded0f2a56fbebc18be01b30e9fd856_s390x as a component of RHODF 4.12 for RHEL 8odf4/mcg-operator-bundle@sha256:321acbfdd6b022f2439c1c8fa8772c79d2ded0f2a56fbebc18be01b30e9fd856_s390x
Red Hatodf4/odr-cluster-operator-bundle@sha256:1e9c89e7e05cde772591dec21007be1939d34d90872346fec7f10803c90b3ac2_s390x as a component of RHODF 4.12 for RHEL 8odf4/odr-cluster-operator-bundle@sha256:1e9c89e7e05cde772591dec21007be1939d34d90872346fec7f10803c90b3ac2_s390x
Red Hatodf4/rook-ceph-rhel8-operator@sha256:cb5c9190f28e1fff2d5c05011f962e9be0d6dbfdac43cd070f44078452a2dd74_amd64 as a component of RHODF 4.12 for RHEL 8odf4/rook-ceph-rhel8-operator@sha256:cb5c9190f28e1fff2d5c05011f962e9be0d6dbfdac43cd070f44078452a2dd74_amd64
Red Hatodf4/odf-csi-addons-operator-bundle@sha256:790a1089a310079b8d13d76021068280a065dab75925e7d63203f063ced3b6b8_amd64 as a component of RHODF 4.12 for RHEL 8odf4/odf-csi-addons-operator-bundle@sha256:790a1089a310079b8d13d76021068280a065dab75925e7d63203f063ced3b6b8_amd64
Red Hatodf4/odf-operator-bundle@sha256:e57f89fd338b4cf393f4cde1dd0f37c7fb51efc6fc2193d9e701781d646dd94f_ppc64le as a component of RHODF 4.12 for RHEL 8odf4/odf-operator-bundle@sha256:e57f89fd338b4cf393f4cde1dd0f37c7fb51efc6fc2193d9e701781d646dd94f_ppc64le
Red Hatodf4/mcg-core-rhel8@sha256:3490758a3201514f18d36650ad0880f74337e7b982162c8853a9ef1399d45c83_s390x as a component of RHODF 4.12 for RHEL 8*
Red Hatodf4/odf-csi-addons-rhel8-operator@sha256:2fe2851dd6880bb145823dc9f041bd6dafa6c8566f02775a12eed452a748f528_s390x as a component of RHODF 4.12 for RHEL 8*
Red Hatodf4/odf-csi-addons-sidecar-rhel8@sha256:2c0085e0efaffcfef4aace1a0551ee8799cb3770e5df94d97fffc0e0943c273a_s390x as a component of RHODF 4.12 for RHEL 8odf4/odf-csi-addons-sidecar-rhel8@sha256:2c0085e0efaffcfef4aace1a0551ee8799cb3770e5df94d97fffc0e0943c273a_s390x
Red Hatodf4/mcg-rhel8-operator@sha256:f052756c97e9a63fab1129fa08f63ce164e15c94bf66e1c851360b6579b2d5f8_s390x as a component of RHODF 4.12 for RHEL 8*
Red Hatodf4/mcg-rhel8-operator@sha256:1c2286a69dd01a9bae529264a6859c1d75537502ce98b654bd53b4e34c22f642_ppc64le as a component of RHODF 4.12 for RHEL 8odf4/mcg-rhel8-operator@sha256:1c2286a69dd01a9bae529264a6859c1d75537502ce98b654bd53b4e34c22f642_ppc64le
Red Hatodf4/ocs-client-rhel8-operator@sha256:39ee3ed5ac9c072577f9737236d03d92d1a3f3ec16e88aa4f9bc778a18af5fda_s390x as a component of RHODF 4.12 for RHEL 8odf4/ocs-client-rhel8-operator@sha256:39ee3ed5ac9c072577f9737236d03d92d1a3f3ec16e88aa4f9bc778a18af5fda_s390x
Red Hatodf4/ocs-metrics-exporter-rhel8@sha256:7bbfa727bfbe5037967b34e6c3d0711f976cbf9085a4bf3b23409744d0518927_ppc64le as a component of RHODF 4.12 for RHEL 8odf4/ocs-metrics-exporter-rhel8@sha256:7bbfa727bfbe5037967b34e6c3d0711f976cbf9085a4bf3b23409744d0518927_ppc64le
Red Hatodf4/rook-ceph-rhel8-operator@sha256:445a7af195354c94303a357eea076e8b9f99323f3d08a156ed51c9bbece7964d_ppc64le as a component of RHODF 4.12 for RHEL 8odf4/rook-ceph-rhel8-operator@sha256:445a7af195354c94303a357eea076e8b9f99323f3d08a156ed51c9bbece7964d_ppc64le
Red Hatodf4/cephcsi-rhel8@sha256:8b20ec2847f20acb0290cd6c48554440ee0c76c74087124a1be42074db7046da_s390x as a component of RHODF 4.12 for RHEL 8odf4/cephcsi-rhel8@sha256:8b20ec2847f20acb0290cd6c48554440ee0c76c74087124a1be42074db7046da_s390x
Red Hatodf4/odf-csi-addons-sidecar-rhel8@sha256:590f2e49fbc2610a5e8967f798b5083c4a9494ee043305ab6d8ccddc231592c5_amd64 as a component of RHODF 4.12 for RHEL 8odf4/odf-csi-addons-sidecar-rhel8@sha256:590f2e49fbc2610a5e8967f798b5083c4a9494ee043305ab6d8ccddc231592c5_amd64
Red Hatodf4/odr-rhel8-operator@sha256:2d8e563f015605c44b3d8cf66e1ccf33bb04402760d63777d86157fadac46e97_s390x as a component of RHODF 4.12 for RHEL 8odf4/odr-rhel8-operator@sha256:2d8e563f015605c44b3d8cf66e1ccf33bb04402760d63777d86157fadac46e97_s390x
Red Hatodf4/odr-hub-operator-bundle@sha256:9b6647cef3ca8f9c368fbe2a62152450a075405f430768f08c713008abd9a6cd_amd64 as a component of RHODF 4.12 for RHEL 8odf4/odr-hub-operator-bundle@sha256:9b6647cef3ca8f9c368fbe2a62152450a075405f430768f08c713008abd9a6cd_amd64
Red Hatodf4/odr-rhel8-operator@sha256:b2ba54ee096b54f348e539061132fedb2dc274ae62105d7e4f769578c3b68ddb_amd64 as a component of RHODF 4.12 for RHEL 8odf4/odr-rhel8-operator@sha256:b2ba54ee096b54f348e539061132fedb2dc274ae62105d7e4f769578c3b68ddb_amd64
Red Hatodf4/odf-multicluster-console-rhel8@sha256:84a28f1150151960b097432b99ab2fa6c34716441a8b9dd32aac4823c8f3e292_ppc64le as a component of RHODF 4.12 for RHEL 8*

…and 49 more

Exploit Intelligence

Timeline

  • Jun 14, 2023 CVE Published
  • Mar 21, 2026 CVE Updated
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Distribution Patch
  • May 1, 2026 Security Advisory
  • May 1, 2026 Security Advisory
Open in Interactive Console →
$ Console Community · 100/wk Open console ›