{ "threat_severity" : "Moderate", "public_date" : "2023-09-29T00:00:00Z", "bugzilla" : { "description" : "hashicorp/vault: vault enterprise’s sentinel RGP policies allowed for cross-namespace denial of service", "id" : "2241306", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2241306" }, "cvss3" : { "cvss3_base_score" : "4.2", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-400", "details" : [ "A Vault Enterprise Sentinel Role Governing Policy created by an operator to restrict access to resources in one namespace can be applied to requests outside in another non-descendant namespace, potentially resulting in denial of service. Fixed in Vault Enterprise 1.15.0, 1.14.4, 1.13.8.", "A flaw was found in the Vault Enterprise. A Vault Enterprise Sentinel Role Governing Policy created by an operator to restrict access to resources in one namespace can be applied to requests outside in another non-descendant namespace, potentially resulting in a denial of service." ], "statement" : "This issue affects Vault Enterprise versions which are not shipped in any Red Hat Products.", "affected_release" : [ { "product_name" : "Red Hat OpenShift Container Platform 4.17", "release_date" : "2024-10-01T00:00:00Z", "advisory" : "RHSA-2024:3718", "cpe" : "cpe:/a:redhat:openshift:4.17::el9", "package" : "openshift4/ose-installer-rhel9:v4.17.0-202409122204.p0.gdfd4c08.assembly.stream.el9" } ], "package_state" : [ { "product_name" : "cert-manager Operator for Red Hat OpenShift", "fix_state" : "Not affected", "package_name" : "jetstack-cert-manager-container", "cpe" : "cpe:/a:redhat:cert_manager:1" }, { "product_name" : "OpenShift Pipelines", "fix_state" : "Not affected", "package_name" : "openshift-pipelines-client", "cpe" : "cpe:/a:redhat:openshift_pipelines:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Not affected", "package_name" : "openshift-serverless-1/client-kn-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Not affected", "package_name" : "openshift-serverless-1/eventing-kafka-broker-webhook-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "OpenShift Serverless", "fix_state" : "Not affected", "package_name" : "openshift-serverless-1-tech-preview/eventing-kafka-broker-webhook-rhel8", "cpe" : "cpe:/a:redhat:serverless:1" }, { "product_name" : "Red Hat Ceph Storage 5", "fix_state" : "Not affected", "package_name" : "rhceph/rhceph-5-dashboard-rhel8", "cpe" : "cpe:/a:redhat:ceph_storage:5" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift4/ose-contour-rhel8", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openshift4/topology-aware-lifecycle-manager-rhel8-operator", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat Openshift Container Storage 4", "fix_state" : "Not affected", "package_name" : "mcg", "cpe" : "cpe:/a:redhat:openshift_container_storage:4" }, { "product_name" : "Red Hat Openshift Container Storage 4", "fix_state" : "Not affected", "package_name" : "ocs4/mcg-rhel8-operator", "cpe" : "cpe:/a:redhat:openshift_container_storage:4" }, { "product_name" : "Red Hat Openshift Container Storage 4", "fix_state" : "Not affected", "package_name" : "ocs4/ocs-rhel8-operator", "cpe" : "cpe:/a:redhat:openshift_container_storage:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Not affected", "package_name" : "mcg", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Not affected", "package_name" : "odf4/cephcsi-rhel9", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Not affected", "package_name" : "odf4/mcg-cli-rhel9", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Not affected", "package_name" : "odf4/mcg-rhel8-operator", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Not affected", "package_name" : "odf4/ocs-client-rhel9-operator", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Not affected", "package_name" : "odf4/ocs-rhel9-operator", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Not affected", "package_name" : "odf4/odf-multicluster-rhel9-operator", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Not affected", "package_name" : "odf4/odf-rhel9-operator", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Not affected", "package_name" : "odf4/odr-rhel9-operator", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat Openshift Data Foundation 4", "fix_state" : "Not affected", "package_name" : "odf4/rook-ceph-rhel8-operator", "cpe" : "cpe:/a:redhat:openshift_data_foundation:4" }, { "product_name" : "Red Hat OpenShift Data Science (RHODS)", "fix_state" : "Not affected", "package_name" : "rhods/odh-ml-pipelines-cache-rhel8", "cpe" : "cpe:/a:redhat:openshift_data_science" }, { "product_name" : "Red Hat OpenShift GitOps", "fix_state" : "Not affected", "package_name" : "openshift-gitops-1/kam-delivery-rhel8", "cpe" : "cpe:/a:redhat:openshift_gitops:1" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-3775\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-3775\nhttps://discuss.hashicorp.com/t/hcsec-2023-29-vault-enterprise-s-sentinel-rgp-policies-allowed-for-cross-namespace-denial-of-service/58653" ], "name" : "CVE-2023-3775", "csaw" : false }