Unrated severityNVD Advisory· Published Dec 18, 2023· Updated Nov 20, 2025

Skupper-operator: privelege escalation via config map

CVE-2023-5056

Description

A flaw was found in the Skupper operator, which may permit a certain configuration to create a service account that would allow an authenticated attacker in the adjacent cluster to view deployments in all namespaces in the cluster. This issue permits unauthorized viewing of information outside of the user's purview.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Red Hat/Service Interconnect 1 for RHEL 9v5
cpe:/a:redhat:service_interconnect:1::el9
Range: 1.4.3-6
Red Hat/Skupper operatorllm-create

Patches

Vulnerability mechanics

References

access.redhat.com/errata/RHSA-2023:6219mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/security/cve/CVE-2023-5056mitrevdb-entryx_refsource_REDHAT
bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000