WID-SEC-W-2023-1542 — Vulnetix

WID-SEC-W-2023-1542 PUBLISHED CVSS 8.699999809265137 HIGH

Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.

Risk Scores

CVSS v4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
	Meinberg LANTIME <7.08.007
	Red Hat OpenShift Data Foundation <4.12.10
	Red Hat OpenShift
	Red Hat OpenShift Container Platform <4.12.22
	Red Hat OpenShift Container Platform <4.13.4
	Red Hat OpenShift Container Platform 4.11.44
	Red Hat OpenShift Container Platform 4.12.22
	Red Hat Enterprise Linux Service Interconnect 1
	Gentoo Linux
	Oracle Linux
	Red Hat OpenShift Data Foundation 4.12.10
	Red Hat OpenShift Data Foundation 4.13.0
	Red Hat OpenShift Container Platform <4.11.44
	Red Hat OpenShift Data Foundation <4.13.0
	Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4
	Red Hat OpenShift Container Platform 4.13.4
	Fedora Linux
	Red Hat OpenShift Container Platform 4.12
	Red Hat Enterprise Linux
	Meinberg LANTIME 7.08.007

Exploit Intelligence

Scan for python installations on macOS, and run CVE-2015-20107.py script to report if patching is needed (github-poc-repo)
A CodeQL query to find CVE 2022-35737 (github-poc-repo)
Sudo Privilege Escalation: CVE-2023-22809 Simulation This project simulates the Sudo privilege escalation vulnerability (CVE-2023-22809) to demonstrate how unauthorized root access can be gained. It involves identifying and exploiting this vulnerability in a controlled environment using Parrot OS, the Sudo command, and Bash scripting. (github-poc-repo)
D0rDa4aN919/CVE-2023-22809-Exploiter (github-poc-repo)
This vulnerability is of the "double-free" type, which occurs during the processing of key exchange (KEX) algorithms in OpenSSH. A "double-free" vulnerability happens when memory that has already been freed is freed again. This issue can indirectly lead to remote code execution (RCE) by an attacker. (github-poc-repo)
Automates vulnerability check for sudo versions and privilege escalation via sudoedit if exploitable, helping users test and gain root access. (github-poc-repo)
Lane0218/CVE-2023-25136-PoC (github-poc-repo)
Implementation of the CVE-2023-22809 (github-poc-repo)
jithinodattu/CVE-2023-24329-lab (github-poc-repo)
Security issues CVE-2025-31115: Threaded .xz decoder frees memory too early CVE-2024-47611: Argument injection on Windows CVE-2024-3094: liblzma backdoor CVE-2022-1271: xzgrep filename handling CVE-2020-22916: A bogus CVE (github-poc-repo)

…and 123 more exploits

Timeline

Jun 22, 2023 CVE Published
Oct 23, 2025 CVE Updated
Mar 31, 2026 Distribution Patch
Mar 31, 2026 Distribution Patch
Mar 31, 2026 Distribution Patch
Mar 31, 2026 Distribution Patch
Mar 31, 2026 Distribution Patch
Mar 31, 2026 Distribution Patch
Mar 31, 2026 Distribution Patch
Mar 31, 2026 Distribution Patch
Mar 31, 2026 Distribution Patch
Mar 31, 2026 Distribution Patch

References

…and 32 more

Open in Interactive Console →

$ Console Community · 100/wk Open console ›