CVE-2023-3089 - OpenCVE

A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Redhat	Openshift Container Platform For Linuxone Openshift Container Platform Enterprise Linux Openshift Container Platform For Power Openshift Container Platform Ibm Z Systems Openshift Container Platform For Arm64

Configuration 1 [-]

AND

cpe:2.3:a:redhat:openshift_container_platform:4.10:*:*:*:*:*:*:*

OR	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*

Configuration 2 [-]

AND

OR	cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.10:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.11:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_power:4.10:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_power:4.11:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_ibm_z_systems:4.10:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_ibm_z_systems:4.11:::::::*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Configuration 3 [-]

OR	cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.10:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.11:::::::*

Configuration 4 [-]

AND

OR	cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.12:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.12:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_for_power:4.12:::::::*
	cpe:2.3:a:redhat:openshift_container_platform_ibm_z_systems:4.12:::::::*