Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2021-20238
HistoryApr 01, 2022 - 11:15 p.m.

CVE-2021-20238

2022-04-0123:15:08
CWE-306
CWE-287
[email protected]
web.nvd.nist.gov
48
cve
openshift
container platform
ignition config
machine config server
authentication
mcs
security vulnerability
nvd

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

4.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.5%

JSON

It was found in OpenShift Container Platform 4 that ignition config, served by the Machine Config Server, can be accessed externally from clusters without authentication. The MCS endpoint (port 22623) provides ignition configuration used for bootstrapping Nodes and can include some sensitive data, e.g. registry pull secrets. There are two scenarios where this data can be accessed. The first is on Baremetal, OpenStack, Ovirt, Vsphere and KubeVirt deployments which do not have a separate internal API endpoint and allow access from outside the cluster to port 22623 from the standard OpenShift API Virtual IP address. The second is on cloud deployments when using unsupported network plugins, which do not create iptables rules that prevent to port 22623. In this scenario, the ignition config is exposed to all pods within the cluster and cannot be accessed externally.

Affected configurations

Vulners
NVD
Node
redhatopenshift_machine-config-operatorRange4.9.0
VendorProductVersionCPE
redhatopenshift_machine\-config\-operator*cpe:2.3:a:redhat:openshift_machine\-config\-operator:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "product": "openshift/machine-config-operator",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "affecting versions up to, including ose-machine-config-operator-container-v4.9.0"
      }
    ]
  }
]

Related

redhatcve 1
cvelist 1
nvd 1
prion 1
osv 1
redhatcve
redhatcve
CVE-2021-20238
2021-02-15 18:34:25
cvelist
cvelist
CVE-2021-20238
2022-04-01 22:17:25
nvd
nvd
CVE-2021-20238
2022-04-01 23:15:08
prion
prion
Design/Logic Flaw
2022-04-01 23:15:00
osv
osv
CVE-2021-20238
2022-04-01 23:15:08

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

4.2 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.5%

JSON
Related for CVE-2021-20238
redhatcve1cvelist1nvd1prion1osv1