CVE-2019-10214

Description

The containers/image library, used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and by CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a man-in-the-middle (MiTM) attack and steal login credentials or bearer tokens.

Risk Information

Base Score: 5.9 (MODERATE)
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score (Exploitation Probability): 0.473

Associated Vulnerability

Vulnerability | OS Platform
Aardvark-dns update (ELSA-2023-6939) aardvark-dns-1.7.0-1.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Buildah update (ELSA-2023-6939) buildah-1.31.3-1.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Buildah-tests update (ELSA-2023-6939) buildah-tests-1.31.3-1.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Cockpit-podman update (ELSA-2023-6939) cockpit-podman-75-1.module+el8.9.0+90021+ce997450.noarch.rpm | Linux
Conmon update (ELSA-2023-6939) conmon-2.1.8-1.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Container-selinux update (ELSA-2023-6939) container-selinux-2.221.0-1.module+el8.9.0+90021+ce997450.noarch.rpm | Linux
Containernetworking-plugins update (ELSA-2023-6939) containernetworking-plugins-1.3.0-4.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Containers-common update (ELSA-2023-6939) containers-common-1-54.0.1.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Crit update (ELSA-2023-6939) crit-3.18-4.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Criu update (ELSA-2023-6939) criu-3.18-4.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Criu-devel update (ELSA-2023-6939) criu-devel-3.18-4.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Criu-libs update (ELSA-2023-6939) criu-libs-3.18-4.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Crun update (ELSA-2023-6939) crun-1.8.7-1.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Fuse-overlayfs update (ELSA-2023-6939) fuse-overlayfs-1.12-1.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Libslirp update (ELSA-2023-6939) libslirp-4.4.0-1.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Libslirp-devel update (ELSA-2023-6939) libslirp-devel-4.4.0-1.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Netavark update (ELSA-2023-6939) netavark-1.7.0-1.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Oci-seccomp-bpf-hook update (ELSA-2023-6939) oci-seccomp-bpf-hook-1.2.9-1.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Podman update (ELSA-2023-6939) podman-4.6.1-4.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Podman-catatonit update (ELSA-2023-6939) podman-catatonit-4.6.1-4.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Podman-docker update (ELSA-2023-6939) podman-docker-4.6.1-4.module+el8.9.0+90021+ce997450.noarch.rpm | Linux
Podman-gvproxy update (ELSA-2023-6939) podman-gvproxy-4.6.1-4.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Podman-plugins update (ELSA-2023-6939) podman-plugins-4.6.1-4.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Podman-remote update (ELSA-2023-6939) podman-remote-4.6.1-4.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Podman-tests update (ELSA-2023-6939) podman-tests-4.6.1-4.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Python3-criu update (ELSA-2023-6939) python3-criu-3.18-4.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Python3-podman update (ELSA-2023-6939) python3-podman-4.6.0-1.module+el8.9.0+90021+ce997450.noarch.rpm | Linux
Runc update (ELSA-2023-6939) runc-1.1.9-1.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Skopeo update (ELSA-2023-6939) skopeo-1.13.3-1.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Skopeo-tests update (ELSA-2023-6939) skopeo-tests-1.13.3-1.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Slirp4netns update (ELSA-2023-6939) slirp4netns-1.2.1-1.module+el8.9.0+90021+ce997450.x86_64.rpm | Linux
Udica update (ELSA-2023-6939) udica-0.2.6-20.module+el8.9.0+90021+ce997450.noarch.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update buildah-1.9.0-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update buildah-debuginfo-1.9.0-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update buildah-debugsource-1.9.0-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update buildah-tests-1.9.0-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update buildah-tests-debuginfo-1.9.0-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update cockpit-podman-4-1.module+el8.1.0+4081+b29780af.noarch.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update container-selinux-2.107-2.module+el8.1.0+4081+b29780af.noarch.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update containernetworking-plugins-0.8.1-2.module+el8.1.0+4081+b29780af.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update containernetworking-plugins-debuginfo-0.8.1-2.module+el8.1.0+4081+b29780af.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update containernetworking-plugins-debugsource-0.8.1-2.module+el8.1.0+4081+b29780af.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update containers-common-0.1.37-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update fuse-overlayfs-0.4.1-1.module+el8.1.0+4081+b29780af.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update fuse-overlayfs-debuginfo-0.4.1-1.module+el8.1.0+4081+b29780af.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update fuse-overlayfs-debugsource-0.4.1-1.module+el8.1.0+4081+b29780af.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update oci-systemd-hook-debuginfo-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update oci-systemd-hook-debugsource-0.1.15-2.git2d0b8a3.module+el8.1.0+4081+b29780af.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update oci-umount-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update oci-umount-debuginfo-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update oci-umount-debugsource-2.3.4-2.git87f9237.module+el8.1.0+4081+b29780af.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update podman-1.4.2-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update podman-debuginfo-1.4.2-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update podman-debugsource-1.4.2-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update podman-docker-1.4.2-5.module+el8.1.0+4240+893c1ab8.noarch.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update podman-manpages-1.4.2-5.module+el8.1.0+4240+893c1ab8.noarch.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update podman-remote-1.4.2-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update podman-remote-debuginfo-1.4.2-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update podman-tests-1.4.2-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update python-podman-api-1.2.0-0.1.gitd0a45fe.module+el8.1.0+4081+b29780af.noarch.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update runc-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update runc-debuginfo-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update runc-debugsource-1.0.0-60.rc8.module+el8.1.0+4081+b29780af.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update skopeo-0.1.37-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update skopeo-debuginfo-0.1.37-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update skopeo-debugsource-0.1.37-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update skopeo-tests-0.1.37-5.module+el8.1.0+4240+893c1ab8.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update slirp4netns-0.3.0-4.module+el8.1.0+4306+1d917805.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update slirp4netns-debuginfo-0.3.0-4.module+el8.1.0+4306+1d917805.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update slirp4netns-debugsource-0.3.0-4.module+el8.1.0+4306+1d917805.x86_64.rpm | Linux
(RHSA-2019:3403) Important: security, bug fix, and enhancement update toolbox-0.0.4-1.module+el8.1.0+4081+b29780af.x86_64.rpm | Linux
Oci-systemd-hook update (ELSA-2019-4269) oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+5440+994fc847.x86_64.rpm | Linux
Oci-umount update (ELSA-2019-4269) oci-umount-2.3.4-2.git87f9237.module+el8.1.0+5440+994fc847.x86_64.rpm | Linux

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234