A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
References
| Link | Resource |
|---|---|
| https://access.redhat.com/security/cve/CVE-2023-3089 | Vendor Advisory |
| https://bugzilla.redhat.com/show_bug.cgi?id=2212085 | Issue Tracking Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
|
Configuration 4 (hide)
| AND |
|
Configuration 5 (hide)
| AND |
|
History
12 Jul 2023, 15:04
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Redhat openshift Container Platform For Linuxone
Redhat openshift Container Platform For Power Redhat enterprise Linux Redhat openshift Container Platform For Arm64 Redhat Redhat openshift Container Platform Redhat openshift Container Platform Ibm Z Systems |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
| CWE | CWE-521 | |
| CPE | cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.10:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_power:4.10:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_power:4.11:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.12:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_ibm_z_systems:4.12:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.11:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.10:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform:4.10:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_linuxone:4.12:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_ibm_z_systems:4.10:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_ibm_z_systems:4.11:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_power:4.12:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.11:*:*:*:*:*:*:* |
|
| References | (MISC) https://access.redhat.com/security/cve/CVE-2023-3089 - Vendor Advisory | |
| References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2212085 - Issue Tracking, Vendor Advisory |
05 Jul 2023, 13:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-07-05 13:15
Updated : 2023-11-07 04:17
NVD link : CVE-2023-3089
Mitre link : CVE-2023-3089
JSON object : View
Products Affected
redhat
- enterprise_linux
- openshift_container_platform_for_linuxone
- openshift_container_platform_ibm_z_systems
- openshift_container_platform_for_power
- openshift_container_platform_for_arm64
- openshift_container_platform
CWE
CWE-521
Weak Password Requirements