Search for vulnerabilities
Vulnerability details: VCID-kye6-bzhe-aaar
Vulnerability ID VCID-kye6-bzhe-aaar
Aliases CVE-2023-3089
Summary A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.
Status Published
Exploitability 0.5
Weighted Severity 6.8
Risk 3.4
Affected and Fixed Packages Package Details
Weaknesses (4)
CWE-521 Weak Password Requirements
CWE-166 Improper Handling of Missing Special Element
CWE-693 Protection Mechanism Failure
CWE-327 Use of a Broken or Risky Cryptographic Algorithm
System Score Found at
cvssv3 6.5 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3089.json
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00038 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00053 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00053 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00053 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00053 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00053 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00053 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00053 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00053 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00053 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00053 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00053 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00111 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00111 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00111 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00111 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00111 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00111 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00111 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00111 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00111 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00111 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00111 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00119 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00119 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00119 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00119 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00172 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
epss 0.00244 https://api.first.org/data/v1/epss?cve=CVE-2023-3089
cvssv3 7.5 https://nvd.nist.gov/vuln/detail/CVE-2023-3089
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2023-3089
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3089.json
https://access.redhat.com/security/cve/CVE-2023-3089
https://api.first.org/data/v1/epss?cve=CVE-2023-3089
https://bugzilla.redhat.com/show_bug.cgi?id=2212085
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openshift_container_platform_for_arm64:4.11:*:*:*:*:*:*:*
cpe:/a:redhat:acm:2 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:acm:2
cpe:/a:redhat:amq_streams:1 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:amq_streams:1
cpe:/a:redhat:container_native_virtualization:4 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:container_native_virtualization:4
cpe:/a:redhat:openshift:3.11 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:3.11
cpe:/a:redhat:openshift:4 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
cpe:/a:redhat:openshift_data_foundation:4 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_data_foundation:4
cpe:/a:redhat:openshift_sandboxed_containers:1 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift_sandboxed_containers:1
cpe:/a:redhat:serverless:1 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:serverless:1
cpe:/a:redhat:service_mesh:2.2 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:service_mesh:2.2
cpe:/a:redhat:service_mesh:2.3 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:service_mesh:2.3
cpe:/a:redhat:service_mesh:2.4 https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:service_mesh:2.4
CVE-2023-3089 https://nvd.nist.gov/vuln/detail/CVE-2023-3089
RHSA-2023:3910 https://access.redhat.com/errata/RHSA-2023:3910
RHSA-2023:3911 https://access.redhat.com/errata/RHSA-2023:3911
RHSA-2023:3914 https://access.redhat.com/errata/RHSA-2023:3914
RHSA-2023:3915 https://access.redhat.com/errata/RHSA-2023:3915
RHSA-2023:3924 https://access.redhat.com/errata/RHSA-2023:3924
RHSA-2023:3925 https://access.redhat.com/errata/RHSA-2023:3925
RHSA-2023:4093 https://access.redhat.com/errata/RHSA-2023:4093
RHSA-2023:4112 https://access.redhat.com/errata/RHSA-2023:4112
RHSA-2023:4113 https://access.redhat.com/errata/RHSA-2023:4113
RHSA-2023:4114 https://access.redhat.com/errata/RHSA-2023:4114
RHSA-2023:4204 https://access.redhat.com/errata/RHSA-2023:4204
RHSA-2023:4238 https://access.redhat.com/errata/RHSA-2023:4238
RHSA-2023:4241 https://access.redhat.com/errata/RHSA-2023:4241
RHSA-2023:4276 https://access.redhat.com/errata/RHSA-2023:4276
RHSA-2023:4286 https://access.redhat.com/errata/RHSA-2023:4286
RHSA-2023:4287 https://access.redhat.com/errata/RHSA-2023:4287
RHSA-2023:4290 https://access.redhat.com/errata/RHSA-2023:4290
RHSA-2023:4421 https://access.redhat.com/errata/RHSA-2023:4421
RHSA-2023:4437 https://access.redhat.com/errata/RHSA-2023:4437
RHSA-2023:4456 https://access.redhat.com/errata/RHSA-2023:4456
RHSA-2023:4471 https://access.redhat.com/errata/RHSA-2023:4471
RHSA-2023:4472 https://access.redhat.com/errata/RHSA-2023:4472
RHSA-2023:4475 https://access.redhat.com/errata/RHSA-2023:4475
RHSA-2023:4575 https://access.redhat.com/errata/RHSA-2023:4575
RHSA-2023:4576 https://access.redhat.com/errata/RHSA-2023:4576
RHSA-2023:4650 https://access.redhat.com/errata/RHSA-2023:4650
RHSA-2023:4654 https://access.redhat.com/errata/RHSA-2023:4654
RHSA-2023:4664 https://access.redhat.com/errata/RHSA-2023:4664
RHSA-2023:4862 https://access.redhat.com/errata/RHSA-2023:4862
RHSA-2023:4875 https://access.redhat.com/errata/RHSA-2023:4875
RHSA-2023:4972 https://access.redhat.com/errata/RHSA-2023:4972
RHSA-2023:4980 https://access.redhat.com/errata/RHSA-2023:4980
RHSA-2023:5009 https://access.redhat.com/errata/RHSA-2023:5009
RHSA-2023:5103 https://access.redhat.com/errata/RHSA-2023:5103
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3089.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2023-3089
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2023-3089
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.10322
EPSS Score 0.00038
Published At April 15, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.