Unrated severityNVD Advisory· Published Nov 2, 2023· Updated Nov 7, 2025
Openshift: modification of node role labels
CVE-2023-5408
Description
A privilege escalation flaw was found in the node restriction admission plugin of the kubernetes api server of OpenShift. A remote attacker who modifies the node role label could steer workloads from the control plane and etcd nodes onto different worker nodes and gain broader access to the cluster.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:/a:redhat:openshift:4.11::el8+ 3 more
- cpe:/a:redhat:openshift:4.11::el8range: v4.11.0-202311211130.p0.g7021090.assembly.stream
- cpe:/a:redhat:openshift:4.12::el8range: v4.12.0-202311021630.p0.gfe5e2a1.assembly.stream
- cpe:/a:redhat:openshift:4.13::el9range: v4.13.0-202310210425.p0.gd525f5d.assembly.stream
- cpe:/a:redhat:openshift:4.14::el8range: v4.14.0-202310201027.p0.g8b38d12.assembly.stream
Patches
Vulnerability mechanics
References
7- access.redhat.com/errata/RHSA-2023:5006mitrevendor-advisoryx_refsource_REDHAT
- access.redhat.com/errata/RHSA-2023:6130mitrevendor-advisoryx_refsource_REDHAT
- access.redhat.com/errata/RHSA-2023:6842mitrevendor-advisoryx_refsource_REDHAT
- access.redhat.com/errata/RHSA-2023:7479mitrevendor-advisoryx_refsource_REDHAT
- access.redhat.com/security/cve/CVE-2023-5408mitrevdb-entryx_refsource_REDHAT
- bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT
- github.com/openshift/kubernetes/pull/1736mitre
News mentions
0No linked articles in our index yet.