RHEL 9:Red Hat build of MicroShift 4.14.0 (RHSA-2023:5008)
high Nessus 插件 ID 194227
语言:
简介
远程 Red Hat 主机缺少一个或多个 Red Hat build of MicroShift 4.14.0 安全更新。描述
远程 Redhat Enterprise Linux 9 主机上安装的多个程序包受到 RHSA-2023:5008 公告中提及的多个漏洞影响。- kube-apiserver:PrivEsc (CVE-2023-1260)
- kube-apiserver:绕过 ImagePolicyWebhook 许可插件实施的策略(CVE-2023-2727)
- kube-apiserver:绕过 ServiceAccount 准入插件强制实施的可挂载机密策略 (CVE-2023-2728)
请注意,Nessus 尚未测试这些问题,而是只依据应用程序自我报告的版本号进行判断。
解决方案
依据 RHSA-2023:5008 中的指南更新 RHEL Red Hat build of MicroShift 4.14.0 程序包。另见
https://access.redhat.com/security/updates/classification/#important
https://bugzilla.redhat.com/show_bug.cgi?id=2176267
https://bugzilla.redhat.com/show_bug.cgi?id=2211322
https://bugzilla.redhat.com/show_bug.cgi?id=2211348
https://issues.redhat.com/browse/OCPBUGS-10201
https://issues.redhat.com/browse/OCPBUGS-10226
https://issues.redhat.com/browse/OCPBUGS-10766
https://issues.redhat.com/browse/OCPBUGS-11296
https://issues.redhat.com/browse/OCPBUGS-11374
https://issues.redhat.com/browse/OCPBUGS-11421
https://issues.redhat.com/browse/OCPBUGS-11512
https://issues.redhat.com/browse/OCPBUGS-11538
https://issues.redhat.com/browse/OCPBUGS-11592
https://issues.redhat.com/browse/OCPBUGS-11734
https://issues.redhat.com/browse/OCPBUGS-11829
https://issues.redhat.com/browse/OCPBUGS-11967
https://issues.redhat.com/browse/OCPBUGS-12146
https://issues.redhat.com/browse/OCPBUGS-12736
https://issues.redhat.com/browse/OCPBUGS-12744
https://issues.redhat.com/browse/OCPBUGS-12977
https://issues.redhat.com/browse/OCPBUGS-13078
https://issues.redhat.com/browse/OCPBUGS-13221
https://issues.redhat.com/browse/OCPBUGS-14364
https://issues.redhat.com/browse/OCPBUGS-14678
https://issues.redhat.com/browse/OCPBUGS-15397
https://issues.redhat.com/browse/OCPBUGS-15740
https://issues.redhat.com/browse/OCPBUGS-15948
https://issues.redhat.com/browse/OCPBUGS-16339
https://issues.redhat.com/browse/OCPBUGS-16392
https://issues.redhat.com/browse/OCPBUGS-18696
https://issues.redhat.com/browse/OCPBUGS-18773
https://issues.redhat.com/browse/OCPBUGS-19339
https://issues.redhat.com/browse/OCPBUGS-19423
https://issues.redhat.com/browse/OCPBUGS-19518
https://issues.redhat.com/browse/OCPBUGS-19638
https://issues.redhat.com/browse/OCPBUGS-19646
https://issues.redhat.com/browse/OCPBUGS-19772
https://issues.redhat.com/browse/OCPBUGS-19872
https://issues.redhat.com/browse/OCPBUGS-19939
https://issues.redhat.com/browse/OCPBUGS-20059
https://issues.redhat.com/browse/OCPBUGS-20174
https://issues.redhat.com/browse/OCPBUGS-6861
https://issues.redhat.com/browse/OCPBUGS-7535
https://issues.redhat.com/browse/OCPBUGS-7779
https://issues.redhat.com/browse/OCPBUGS-7791
https://issues.redhat.com/browse/OCPBUGS-7874
https://issues.redhat.com/browse/OCPBUGS-8277
https://issues.redhat.com/browse/OCPBUGS-8278
https://issues.redhat.com/browse/OCPBUGS-8301
https://issues.redhat.com/browse/OCPBUGS-8329
https://issues.redhat.com/browse/OCPBUGS-8411
https://issues.redhat.com/browse/OCPBUGS-8516
https://issues.redhat.com/browse/OCPBUGS-9996
插件详情
严重性: High
ID: 194227
文件名: redhat-RHSA-2023-5008.nasl
版本: 1.0
类型: local
代理: unix
发布时间: 2024/4/28
最近更新时间: 2024/4/28
支持的传感器: Agentless Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Frictionless Assessment Azure, Nessus Agent, Nessus
风险信息
VPR
风险因素: High
分数: 8.1
CVSS v2
风险因素: High
基本分数: 7.7
时间分数: 5.7
矢量: CVSS2#AV:N/AC:L/Au:M/C:C/I:C/A:N
CVSS 分数来源: CVE-2023-2728
CVSS v3
风险因素: High
基本分数: 8
时间分数: 7
矢量: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
时间矢量: CVSS:3.0/E:U/RL:O/RC:C
CVSS 分数来源: CVE-2023-1260
漏洞信息
CPE: cpe:/o:redhat:enterprise_linux:9, p-cpe:/a:redhat:enterprise_linux:microshift, p-cpe:/a:redhat:enterprise_linux:microshift-networking, p-cpe:/a:redhat:enterprise_linux:microshift-release-info, p-cpe:/a:redhat:enterprise_linux:microshift-selinux
必需的 KB 项: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list, Host/cpu
易利用性: No known exploits are available
补丁发布日期: 2023/10/31
漏洞发布日期: 2023/7/3