CVE-2023-4853

Severity: HIGH (CVSS v3.1 base score 8.1, per NVD)

Description

A flaw was found in Quarkus: the HTTP security policies (the path-based permission rules configured under quarkus.http.auth.permission.*) do not sanitize certain character permutations in the request correctly before the policy is evaluated, so the permission check can be run against a different path than the one the request is ultimately served from. A remote, unauthenticated attacker can use such a request to bypass the security policy altogether, reaching endpoints that should require authentication or a role, and possibly to cause a denial of service. Upstream Quarkus shipped the fix in 3.2.6.Final and 3.3.3 (and 2.16.11.Final on the 2.16 stream); the Red Hat products listed below bundle Quarkus and are fixed through the advisories given. Authorization enforced at the endpoint itself (for example a role check on the resource method) does not depend on this path matching and limits the impact of this class of bypass.
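The bug class behind this description is a mismatch between the path a policy matcher sees and the path the router dispatches. The following is an added, illustrative model of that class (it is not Quarkus's implementation, and the probe paths are constructed to show the mismatch, not the specific inputs that affected Quarkus): a permission check that matches the raw request path, next to a hardened check that canonicalizes the path first and rejects ambiguous encodings.

```python
"""Illustrative model of a path-based HTTP permission check that evaluates the
raw request path (vulnerable) versus one that canonicalises first (hardened).
Added example code, not Quarkus's implementation; the policy and probe paths
below are constructed."""
import posixpath
from urllib.parse import unquote

# Constructed policy: anything at or under /admin requires the "admin" role;
# every other path is public. "<prefix>/*" means the prefix itself or below.
POLICY = [("/admin/*", frozenset({"admin"}))]


def match(pattern, path):
    """Match one policy pattern against a path; the same rule on both sides."""
    if pattern.endswith("/*"):
        base = pattern[:-2]
        return path == base or path.startswith(base + "/")
    return path == pattern


def required_roles(path):
    roles = set()
    for pattern, needed in POLICY:
        if match(pattern, path):
            roles |= needed
    return roles


def canonical_path(raw_path):
    """Canonicalise the way a router dispatches: percent-decode once, resolve
    '.' and '..' segments, collapse repeated slashes, drop a trailing slash.
    Anything still percent-encoded after one decode is ambiguous and is
    rejected rather than guessed at."""
    decoded = unquote(raw_path)
    if "%" in decoded:
        raise ValueError("ambiguous (double) encoding: %r" % raw_path)
    # strip leading slashes and re-add exactly one so "//admin" cannot survive
    return posixpath.normpath("/" + decoded.lstrip("/"))


def naive_allows(raw_path, user_roles):
    """Vulnerable: the policy is evaluated on the raw path, while the handler
    that finally runs is chosen on the canonical path, so the two disagree."""
    return required_roles(raw_path) <= set(user_roles)


def hardened_allows(raw_path, user_roles):
    """Fixed: the policy is evaluated on the same canonical path the router uses."""
    try:
        path = canonical_path(raw_path)
    except ValueError:
        return False
    return required_roles(path) <= set(user_roles)


def is_bypass(raw_path, user_roles=frozenset()):
    """True when the naive check lets the request through although its
    canonical form lands on a path whose roles the caller lacks."""
    if not naive_allows(raw_path, user_roles):
        return False
    try:
        target = canonical_path(raw_path)
    except ValueError:
        return False  # the router would not map this onto /admin either
    return not required_roles(target) <= set(user_roles)


# Constructed probes: the same protected resource spelled six ways.
PROBES = [
    "/admin/users",            # caught by both checks
    "/admin/../admin/users",   # raw prefix still matches, caught by both
    "//admin/users",           # extra leading slash evades the raw prefix
    "/public/../admin/users",  # dot segment resolves into /admin
    "/admin%2Fusers",          # encoded slash hides the /admin/ prefix
    "/%61dmin/users",          # encoded letter hides the literal "admin"
]


def bypassing_probes(user_roles=frozenset()):
    return [p for p in PROBES if is_bypass(p, user_roles)]


if __name__ == "__main__":
    for p in PROBES:
        print("%-24s naive=%-5s hardened=%-5s bypass=%s" % (
            p, naive_allows(p, set()), hardened_allows(p, set()), is_bypass(p)))
```

The hardened version is not "more rules in the matcher"; it is the rule that the policy and the router must evaluate the same canonical string. Note that the second probe is already caught by the naive prefix check, which is why a partial test of "dot-segment handling" can pass while the policy is still bypassable.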

How to fix

Remediation Available

Fixed builds by advisory. Container entries are registry.redhat.io repositories with the fixed manifest digest per architecture; the page lists each entry under both Red Hat / RHEL and Rocky with identical digests.

RHSA-2023:5480 (OpenShift Serverless container images)

openshift-serverless-1-tech-preview/logic-data-index-ephemeral-rhel8
  amd64    sha256:de33007837951f1368676238788cb6dbabd7b319d1655cf5b8fe99f4b637f954
  arm64    sha256:f8e100e096e6730624cafec710f993d50797a854a3ebaaf475916c37d3cc3ba2
  ppc64le  sha256:5cc784c8422b2fa2bcfc01fcd3a55b36882037fd029d278a6a51ea012de5effb

openshift-serverless-1-tech-preview/logic-swf-builder-rhel8
  amd64    sha256:317a54d70480cc67f6e91530dcbadba8eaec7039aa705d9e473ba92486f89aab
  arm64    sha256:0cc0ae9009348bd8b039636594b6ee16d1a36abe0e087f5c0dec256f5b320ad3
  ppc64le  sha256:ac502999e989c3339ec376929c1715a8ababf9b75fa7a085488b1a730bda68a8

openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8
  amd64    sha256:e8b1941ba7867c77f1545b0208d7738264e9f40b399e362b82aafb9c73eebd7d
  arm64    sha256:494dcf580e5f05ea7106b3842a84cf2a2a11f8b50be145b88821f1960c10993b
  ppc64le  sha256:e9ce0d3c89fae18eff4d1a0ee0ccf4395beb38c8618fd4685298e30c68973ed9

openshift-serverless-1/client-kn-rhel8
  amd64    sha256:e3b5d892e23912dca1a3c79f62f9cd4ec4220348291c285e59beedcaa23c6918
  ppc64le  sha256:89dd6b563582dcd91384497eb90aa79f6526ba902129f2fb1b7d35c7057524c1
  s390x    sha256:a03748a70ae2d14b46451c4d0bb64f38318939929fae0720b332d9d59f249753

openshift-serverless-1/ingress-rhel8-operator
  amd64    sha256:8ba64b3d8ea7b204615c889a80af13466b2272be05f227dea113593160a9cf5a
  ppc64le  sha256:a27693bd13c1dc4d60927bfbcaea8c05740d5b9f9ba62d45861e6db569cbf023
  s390x    sha256:eb85156934335659c84db3849c4c76735efcf96c79dd90bd2c1c05a49e47288b

openshift-serverless-1/kn-cli-artifacts-rhel8
  amd64    sha256:6179fa42de591d7048490f95ca3eba77d040dc7969087f280ad6087b306c4c05
  ppc64le  sha256:a0d46c24aef2c98ec8866998386d8916fa652c7c5718b0af2b76434539083897
  s390x    sha256:e6afabd57c213b4bdf568e41a23f50ecf152c37513238edc44d478c9fce3237b

openshift-serverless-1/knative-rhel8-operator
  amd64    sha256:44f1531181bc20255a9d3fe306bce287c77d0f242640de4accdeff41fcbbe9ee
  ppc64le  sha256:134c6680d9cdee4ed660de1ee43d816db7bcfb949b3f931852853dc37067a3d8
  s390x    sha256:efbbab9ffcb6fcbcea15a1f44519c389205366125b261f2928e115d84447a8d8

openshift-serverless-1/serverless-rhel8-operator
  amd64    sha256:e2ca3fafd6835d89e4c1494d2fbc2ed869ea99455fd50342e94ae7acbcc667fa
  ppc64le  sha256:b1e59075a2d208252a6b2a1d4dd245dddb3e354594ae3451dbe9fcb733612992
  s390x    sha256:d7cb0bb8df135a12f9aa3026ff154d2979680effdb969ca42e9df3bd9b473a4a

openshift-serverless-1/serverless-operator-bundle
  amd64    sha256:8371de71b7631fec17318af551faeb32a666c96a154f1e8101b97fb4f07ff100

openshift-serverless-1/svls-must-gather-rhel8
  amd64    sha256:8fcaa5f0d48e4b8a65fdb3cbe61937b3284400711b7d7b912a77c942d2de56e9
  ppc64le  sha256:dfb31882aa0e5eb1468357217e90db73b53129c6d903694c61f5542cce494150
  s390x    sha256:5a6a1342debc2b944dc8e6919357d7afb620caaba0d42023b0264d1b201639a0

RHSA-2023:5479 (OpenShift Serverless client RPM)

openshift-serverless-clients
  Fixed in RPM version 0:1.9.2-3.el8 (epoch:version-release; the page lists the same version once per architecture)

RHSA-2023:6107 (Red Hat Process Automation Manager 7 Kogito container images)

rhpam-7-tech-preview/rhpam-kogito-runtime-native-rhel8
  amd64    sha256:9ad109b7163da5f8caaf2b104475004548886d7dbbc9a732425fcafcf41b0ea6

rhpam-7/rhpam-kogito-builder-rhel8
  amd64    sha256:45b76edfd70a76efb113a5754b72e684aa3093add2db3fac7394a94032723203
  ppc64le  sha256:ba92f9f2163a29eb956e445a3687e83c54838fae6098b81bef980fbb27a2c0b5

rhpam-7/rhpam-kogito-rhel8-operator
  amd64    sha256:dbc35eb75dfe94c46c99d9b45906a86abf895cfba37bb001c11cc463bda3c733
  ppc64le  sha256:8ecf3a814085236c5692c18a117a604348172fc2d38566363d16191d52717406

rhpam-7/rhpam-kogito-rhel8-operator-bundle
  amd64    sha256:65f4db25e0fa2348279061a29f8f137494918362d152a42946dfc9d8dcb4f343
  ppc64le  sha256:f84af09c90836c2f4ee93fed624d04478953b4fc70c25eee277373d829101fa6

rhpam-7/rhpam-kogito-runtime-jvm-rhel8
  amd64    sha256:62d4cd51c9ed4735a0a7d78668b4b3eeb4db5b625f4f36e125698212321bc9b1
  ppc64le  sha256:e525c9934424b2b46a61a3b8d6b1cef7f005c19456e927d544733f66dcfdf064

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform. A digest in this list identifies the build that first carried the fix; later rebuilds of the same image carry different digests and also contain it, so a deployed digest that is absent from the list is a prompt to check the advisory, not proof of exposure.
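A practical check against the list above is to compare the digests actually running in a cluster with the advisory digests. The following is an added example (not Red Hat tooling) that does this for an image inventory: FIXED is a subset of the advisory digests from the list above, keyed by the full registry.redhat.io repository name (for example openshift-serverless-1/client-kn-rhel8), and the inventory references are constructed sample input, including one deliberately bogus all-zero digest.

```python
"""Audit a container inventory against the fixed image digests from the
advisory list above. Added example code, not vendor tooling. FIXED is a
subset of the advisory digests (extend it with the rest of the list); the
inventory references below are constructed sample input."""
import re

# Repository -> set of fixed manifest digests, copied from the list above.
FIXED = {
    "openshift-serverless-1/client-kn-rhel8": {
        "sha256:e3b5d892e23912dca1a3c79f62f9cd4ec4220348291c285e59beedcaa23c6918",
        "sha256:89dd6b563582dcd91384497eb90aa79f6526ba902129f2fb1b7d35c7057524c1",
        "sha256:a03748a70ae2d14b46451c4d0bb64f38318939929fae0720b332d9d59f249753",
    },
    "openshift-serverless-1/serverless-rhel8-operator": {
        "sha256:e2ca3fafd6835d89e4c1494d2fbc2ed869ea99455fd50342e94ae7acbcc667fa",
        "sha256:b1e59075a2d208252a6b2a1d4dd245dddb3e354594ae3451dbe9fcb733612992",
        "sha256:d7cb0bb8df135a12f9aa3026ff154d2979680effdb969ca42e9df3bd9b473a4a",
    },
    "openshift-serverless-1/kn-cli-artifacts-rhel8": {
        "sha256:6179fa42de591d7048490f95ca3eba77d040dc7969087f280ad6087b306c4c05",
        "sha256:a0d46c24aef2c98ec8866998386d8916fa652c7c5718b0af2b76434539083897",
        "sha256:e6afabd57c213b4bdf568e41a23f50ecf152c37513238edc44d478c9fce3237b",
    },
    "rhpam-7/rhpam-kogito-runtime-jvm-rhel8": {
        "sha256:62d4cd51c9ed4735a0a7d78668b4b3eeb4db5b625f4f36e125698212321bc9b1",
        "sha256:e525c9934424b2b46a61a3b8d6b1cef7f005c19456e927d544733f66dcfdf064",
    },
}

# registry/repo[:tag][@sha256:<64 hex>]; the registry part may carry a port.
REF_RE = re.compile(
    r"^(?P<registry>[^/]+)/(?P<repo>[^@:]+)(?::(?P<tag>[^@/]+))?"
    r"(?:@(?P<digest>sha256:[0-9a-f]{64}))?$"
)


def parse_ref(ref):
    m = REF_RE.match(ref.strip())
    return m.groupdict() if m else None


def classify(ref):
    """One of: fixed, not-at-advisory-digest, unverifiable, not-listed, unparsable."""
    p = parse_ref(ref)
    if p is None:
        return "unparsable"
    fixed = FIXED.get(p["repo"])
    if fixed is None:
        return "not-listed"            # the advisory says nothing about this image
    if p["digest"] is None:
        return "unverifiable"          # tag only: resolve it to a digest first
    return "fixed" if p["digest"] in fixed else "not-at-advisory-digest"


def audit(refs):
    """Map each reference to its status; see classify() for the vocabulary."""
    return {ref: classify(ref) for ref in refs}


# Constructed inventory, e.g. the imageID column of a pod listing.
SAMPLE_INVENTORY = [
    "registry.redhat.io/openshift-serverless-1/client-kn-rhel8@sha256:e3b5d892e23912dca1a3c79f62f9cd4ec4220348291c285e59beedcaa23c6918",
    "registry.redhat.io/openshift-serverless-1/serverless-rhel8-operator@sha256:" + "0" * 64,  # constructed, not a real digest
    "registry.redhat.io/openshift-serverless-1/kn-cli-artifacts-rhel8:latest",
    "registry.redhat.io/rhpam-7/rhpam-kogito-runtime-jvm-rhel8@sha256:62d4cd51c9ed4735a0a7d78668b4b3eeb4db5b625f4f36e125698212321bc9b1",
    "quay.io/example/app:1.0",
]

if __name__ == "__main__":
    for ref, status in audit(SAMPLE_INVENTORY).items():
        print("%-24s %s" % (status, ref))
```

Only "fixed" is a positive result. "unverifiable" means the inventory recorded a tag rather than a digest, so the running digest has to be resolved first; "not-at-advisory-digest" means the image is newer or older than the advisory build and must be checked against the vendor source, as the note above says.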

CVSS v3.1 Vector

Base score 8.1 (HIGH)

Exploitability
  Attack Vector: Network
  Attack Complexity: High
  Privileges Required: None
  User Interaction: None
  Scope: Unchanged

Impact
  Confidentiality: High
  Integrity: High
  Availability: High

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploit Intelligence

EPSS: 1.21% probability of exploitation activity in the wild within the next 30 days, at the 65th percentile of all scored CVEs.

Moderate risk: more likely to be exploited than 65% of all scored CVEs. EPSS is recomputed daily, so this figure reflects the data date given in the footer rather than current activity.


This page uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Known-exploited status is taken from the CISA KEV Catalog. Data as of 2024-11-21.