CVE-2023-29409 - Vulnerability Details

Description

Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable.

Published: 2023-08-02

Score: 5.3 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Go standard library

crypto/tls

unaffected

Version	Status	Constraints
`0`	affected	< 1.19.12
`1.20.0-0`	affected	< 1.20.7
`1.21.0-0`	affected	< 1.21.0-rc.4

Configuration 1 [-]

OR	cpe:2.3:a:golang:go::::::::
	cpe:2.3:a:golang:go::::::::
	cpe:2.3:a:golang:go:1.21.0:rc1::::::
	cpe:2.3:a:golang:go:1.21.0:rc2::::::
	cpe:2.3:a:golang:go:1.21.0:rc3::::::

Package	CPE	Advisory	Released Date
CERT-MANAGER-1.11-RHEL-9
cert-manager/cert-manager-operator-rhel9:v1.11.5-5	cpe:/a:redhat:cert_manager:1.11::el9	RHSA-2023:6279	2023-11-15T00:00:00Z
Cryostat 2 on RHEL 8
cryostat-tech-preview/cryostat-rhel8-operator:2.3.1-11	cpe:/a:redhat:cryostat:2::el8	RHSA-2023:6031	2023-10-23T00:00:00Z
Migration Toolkit for Virtualization 2.4
migration-toolkit-virtualization/mtv-rhel8-operator:2.4.3-3	cpe:/a:redhat:migration_toolkit_virtualization:2.4::el8	RHBA-2023:6109	2023-10-25T00:00:00Z
MTA-6.2-RHEL-8
mta/mta-rhel8-operator:6.2.2-3	cpe:/a:redhat:migration_toolkit_applications:6.2::el8	RHSA-2024:1027	2024-02-28T00:00:00Z
MTA-6.2-RHEL-9
mta/mta-hub-rhel9:6.2.2-2	cpe:/a:redhat:migration_toolkit_applications:6.2::el9	RHSA-2024:1027	2024-02-28T00:00:00Z
mta/mta-operator-bundle:6.2.2-5	cpe:/a:redhat:migration_toolkit_applications:6.2::el9	RHSA-2024:1027	2024-02-28T00:00:00Z
mta/mta-pathfinder-rhel9:6.2.2-2	cpe:/a:redhat:migration_toolkit_applications:6.2::el9	RHSA-2024:1027	2024-02-28T00:00:00Z
mta/mta-ui-rhel9:6.2.2-2	cpe:/a:redhat:migration_toolkit_applications:6.2::el9	RHSA-2024:1027	2024-02-28T00:00:00Z
mta/mta-windup-addon-rhel9:6.2.2-3	cpe:/a:redhat:migration_toolkit_applications:6.2::el9	RHSA-2024:1027	2024-02-28T00:00:00Z
NETWORK-OBSERVABILITY-1.4.0-RHEL-9
network-observability/network-observability-rhel9-operator:v1.4.0-51	cpe:/a:redhat:network_observ_optr:1.4.0::el9	RHSA-2023:5974	2023-10-20T00:00:00Z
OADP-1.1-RHEL-8
oadp/oadp-velero-rhel8:1.1.7-6	cpe:/a:redhat:openshift_api_data_protection:1.1::el8	RHSA-2023:6115	2023-10-25T00:00:00Z
Openshift Serverless 1 on RHEL 8
openshift-serverless-clients-0:1.9.2-4.el8	cpe:/a:redhat:serverless:1.0::el8	RHSA-2023:6298	2023-11-03T00:00:00Z
OSSO-1.1-RHEL-8
openshift-secondary-scheduler-operator/secondary-scheduler-operator-rhel8:v1.1-37	cpe:/a:redhat:openshift_secondary_scheduler:1.1::el8	RHSA-2023:5933	2023-10-26T00:00:00Z
Red Hat Ansible Automation Platform 2.4 for RHEL 8
receptor-0:1.4.2-1.el8ap	cpe:/a:redhat:ansible_automation_platform:2.4::el8	RHSA-2023:5805	2023-10-17T00:00:00Z
Red Hat Ansible Automation Platform 2.4 for RHEL 9
receptor-0:1.4.2-1.el9ap	cpe:/a:redhat:ansible_automation_platform:2.4::el9	RHSA-2023:5805	2023-10-17T00:00:00Z
Red Hat Enterprise Linux 8
go-toolset:rhel8-8080020231013004859.6b4b45d8	cpe:/a:redhat:enterprise_linux:8	RHSA-2023:5721	2023-10-16T00:00:00Z
container-tools:4.0-8090020231207142256.d7b6f4b7	cpe:/a:redhat:enterprise_linux:8	RHSA-2024:0121	2024-01-10T00:00:00Z
container-tools:rhel8-8100020240227110532.82888897	cpe:/a:redhat:enterprise_linux:8	RHSA-2024:2988	2024-05-22T00:00:00Z
Red Hat Enterprise Linux 9
golang-0:1.19.13-1.el9_2	cpe:/a:redhat:enterprise_linux:9	RHSA-2023:5738	2023-10-16T00:00:00Z
skopeo-2:1.13.3-3.el9_3	cpe:/a:redhat:enterprise_linux:9	RHSA-2023:7762	2023-12-12T00:00:00Z
runc-4:1.1.9-2.el9_3	cpe:/a:redhat:enterprise_linux:9	RHSA-2023:7763	2023-12-12T00:00:00Z
buildah-1:1.31.3-2.el9_3	cpe:/a:redhat:enterprise_linux:9	RHSA-2023:7764	2023-12-12T00:00:00Z
podman-2:4.6.1-7.el9_3	cpe:/a:redhat:enterprise_linux:9	RHSA-2023:7765	2023-12-12T00:00:00Z
containernetworking-plugins-1:1.3.0-6.el9_3	cpe:/a:redhat:enterprise_linux:9	RHSA-2023:7766	2023-12-12T00:00:00Z
Red Hat Migration Toolkit for Containers 1.7
rhmtc/openshift-velero-plugin-rhel8:v1.7.14-3	cpe:/a:redhat:rhmt:1.7::el8	RHSA-2023:6161	2023-10-30T00:00:00Z
Red Hat OpenShift Container Platform 4.14
podman-3:4.4.1-10.1.rhaos4.14.el8	cpe:/a:redhat:openshift:4.14::el8	RHSA-2023:5009	2023-10-31T00:00:00Z
runc-4:1.1.9-2.1.rhaos4.14.el9	cpe:/a:redhat:openshift:4.14::el8	RHSA-2023:5009	2023-10-31T00:00:00Z
openshift-clients-0:4.14.0-202311031050.p0.g9b1e0d2.assembly.stream.el8	cpe:/a:redhat:openshift:4.14::el8	RHSA-2023:6840	2023-11-15T00:00:00Z
openshift-0:4.14.0-202401121302.p0.ge36e183.assembly.stream.el9	cpe:/a:redhat:openshift:4.14::el8	RHSA-2024:0293	2024-01-23T00:00:00Z
microshift-0:4.14.10-202401181720.p0.gd25a4c5.assembly.4.14.10.el9	cpe:/a:redhat:openshift:4.14::el9	RHSA-2024:0292	2024-01-23T00:00:00Z
Red Hat OpenShift distributed tracing 2
jaeger-agent-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
jaeger-all-in-one-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
jaeger-collector-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
jaeger-es-index-cleaner-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
jaeger-es-rollover-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
jaeger-ingester-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
jaeger-operator-bundle-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
jaeger-operator-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
jaeger-query-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
opentelemetry-collector-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
opentelemetry-operator-bundle-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
opentelemetry-operator-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
tempo-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
tempo-gateway-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
tempo-gateway-opa-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
tempo-operator-bundle-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
tempo-operator-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
tempo-query-container	cpe:/a:redhat:openshift_distributed_tracing:2.9::el8	RHSA-2023:6085	2023-10-24T00:00:00Z
Red Hat OpenShift Serverless 1.30
openshift-serverless-1/client-kn-rhel8:1.9.2-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-apiserver-receive-adapter-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-controller-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-in-memory-channel-controller-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-in-memory-channel-dispatcher-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-kafka-broker-controller-rhel8:1.9.0-9	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-kafka-broker-dispatcher-rhel8:1.9.0-9	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-kafka-broker-post-install-rhel8:1.9.0-9	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-kafka-broker-receiver-rhel8:1.9.0-9	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-kafka-broker-webhook-rhel8:1.9.0-9	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-mtbroker-filter-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-mtbroker-ingress-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-mtchannel-broker-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-mtping-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-storage-version-migration-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/eventing-webhook-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/func-utils-rhel8:1.30.2-2	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/ingress-rhel8-operator:1.30.2-3	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/knative-rhel8-operator:1.30.2-3	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/kn-cli-artifacts-rhel8:1.9.2-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/kourier-control-rhel8:1.9.0-5	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/net-istio-controller-rhel8:1.9.0-5	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/net-istio-webhook-rhel8:1.9.0-5	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serverless-operator-bundle:1.30.2-2	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serverless-rhel8-operator:1.30.2-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serving-activator-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serving-autoscaler-hpa-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serving-autoscaler-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serving-controller-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serving-domain-mapping-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serving-domain-mapping-webhook-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serving-queue-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serving-storage-version-migration-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/serving-webhook-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1/svls-must-gather-rhel8:1.30.2-1	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1-tech-preview/eventing-istio-controller-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1-tech-preview/knative-client-plugin-event-sender-rhel8:1.9.0-4	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1-tech-preview/logic-data-index-ephemeral-rhel8:1.30.0-8	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1-tech-preview/logic-swf-builder-rhel8:1.30.0-9	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
openshift-serverless-1-tech-preview/logic-swf-devmode-rhel8:1.30.0-9	cpe:/a:redhat:openshift_serverless:1.30::el8	RHSA-2023:6296	2023-11-02T00:00:00Z
Red Hat OpenStack Platform 16.2
rhosp-rhel8/osp-director-agent:1.3.0-10	cpe:/a:redhat:openstack:16.2::el8	RHSA-2023:5935	2023-10-19T00:00:00Z
rhosp-rhel8/osp-director-downloader:1.3.0-11	cpe:/a:redhat:openstack:16.2::el8	RHSA-2023:5935	2023-10-19T00:00:00Z
rhosp-rhel8/osp-director-operator:1.3.0-9	cpe:/a:redhat:openstack:16.2::el8	RHSA-2023:5935	2023-10-19T00:00:00Z
rhosp-rhel8/osp-director-operator-bundle:1.3.0-19	cpe:/a:redhat:openstack:16.2::el8	RHSA-2023:5935	2023-10-19T00:00:00Z
collectd-libpod-stats-0:1.0.4-5.el8ost	cpe:/a:redhat:openstack:16.2::el8	RHSA-2023:5964	2023-10-20T00:00:00Z
etcd-0:3.3.23-15.el8ost	cpe:/a:redhat:openstack:16.2::el8	RHSA-2023:5965	2023-10-20T00:00:00Z
Red Hat OpenStack Platform 17.1 for RHEL 9
collectd-libpod-stats-0:1.0.5-6.el9ost	cpe:/a:redhat:openstack:17.1::el9	RHSA-2023:5969	2023-10-20T00:00:00Z
rhosp-rhel9/osp-director-agent:1.3.1-11	cpe:/a:redhat:openstack:17.1::el9	RHSA-2023:5971	2023-10-20T00:00:00Z
rhosp-rhel9/osp-director-downloader:1.3.1-9	cpe:/a:redhat:openstack:17.1::el9	RHSA-2023:5971	2023-10-20T00:00:00Z
rhosp-rhel9/osp-director-operator:1.3.1-11	cpe:/a:redhat:openstack:17.1::el9	RHSA-2023:5971	2023-10-20T00:00:00Z
rhosp-rhel9/osp-director-operator-bundle:1.3.1-18	cpe:/a:redhat:openstack:17.1::el9	RHSA-2023:5971	2023-10-20T00:00:00Z
RHODF-4.15-RHEL-9
odf4/cephcsi-rhel9:v4.15.0-37	cpe:/a:redhat:openshift_data_foundation:4.15::el9	RHSA-2024:1383	2024-03-19T00:00:00Z
RHOL-5.6-RHEL-8
openshift-logging/logging-loki-rhel8:v2.9.2-2	cpe:/a:redhat:logging:5.6::el8	RHSA-2023:5541	2023-10-20T00:00:00Z
RHOL-5.7-RHEL-8
openshift-logging/logging-loki-rhel8:v2.9.2-1	cpe:/a:redhat:logging:5.7::el8	RHSA-2023:5530	2023-10-20T00:00:00Z
RODOO-1.0-RHEL-8
run-once-duration-override-operator/run-once-duration-override-rhel8:v1.0-30	cpe:/a:redhat:run_once_duration_override_operator:1.0::el8	RHSA-2023:5947	2023-10-26T00:00:00Z
STF-1.5-RHEL-8
stf/prometheus-webhook-snmp-rhel8:1.5.2-8	cpe:/a:redhat:stf:1.5::el8	RHSA-2023:5976	2023-10-20T00:00:00Z
stf/service-telemetry-operator-bundle:1.5.1697612918-1	cpe:/a:redhat:stf:1.5::el8	RHSA-2023:5976	2023-10-20T00:00:00Z
stf/service-telemetry-rhel8-operator:1.5.1-8	cpe:/a:redhat:stf:1.5::el8	RHSA-2023:5976	2023-10-20T00:00:00Z
stf/sg-bridge-rhel8:1.5.0-18	cpe:/a:redhat:stf:1.5::el8	RHSA-2023:5976	2023-10-20T00:00:00Z
stf/sg-core-rhel8:5.1.1-8	cpe:/a:redhat:stf:1.5::el8	RHSA-2023:5976	2023-10-20T00:00:00Z
stf/smart-gateway-operator-bundle:5.0.1697612918-1	cpe:/a:redhat:stf:1.5::el8	RHSA-2023:5976	2023-10-20T00:00:00Z
stf/smart-gateway-rhel8-operator:5.0.1-9	cpe:/a:redhat:stf:1.5::el8	RHSA-2023:5976	2023-10-20T00:00:00Z

No data available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2023-32978	Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits. Based on a survey of publicly trusted RSA keys, there are currently only three certificates in circulation with keys larger than this, and all three appear to be test certificates that are not actively deployed. It is possible there are larger keys in use in private PKIs, but we target the web PKI, so causing breakage here in the interests of increasing the default safety of users of crypto/tls seems reasonable.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00115.

Exploitation none

Automatable no

Technical Impact partial

References

Link	Providers
https://go.dev/cl/515257
https://go.dev/issue/61460
https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ
https://nvd.nist.gov/vuln/detail/CVE-2023-29409
https://pkg.go.dev/vuln/GO-2023-1987
https://security.gentoo.org/glsa/202311-09
https://security.netapp.com/advisory/ntap-20230831-0010/
https://www.cve.org/CVERecord?id=CVE-2023-29409

History

Tue, 17 Jun 2025 16:00:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat stf
CPEs	~~cpe:/a:redhat:service_telemetry_framework:1.5::el8~~	cpe:/a:redhat:stf:1.5::el8
Vendors & Products	Redhat service Telemetry Framework	Redhat stf

Tue, 22 Oct 2024 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Sun, 08 Sep 2024 18:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat openshift Distributed Tracing
CPEs		cpe:/a:redhat:openshift_distributed_tracing:2.9::el8
Vendors & Products		Redhat openshift Distributed Tracing

Mon, 19 Aug 2024 22:30:00 +0000

Type	Values Removed	Values Added
CPEs	~~cpe:/a:redhat:openshift_distributed_tracing:2.9::el8~~
Vendors & Products	Redhat openshift Distributed Tracing

Subscriptions

Golang Go

Redhat Ansible Automation Platform Cert Manager Cryostat Enterprise Linux Logging Migration Toolkit Applications Migration Toolkit Virtualization Network Observ Optr Openshift Openshift Api Data Protection Openshift Data Foundation Openshift Distributed Tracing Openshift Secondary Scheduler Openshift Serverless Openstack Rhmt Run Once Duration Override Operator Serverless Stf

MITRE

Status: PUBLISHED

Assigner: Go

Published: 2023-08-02T19:47:23.829Z

Updated: 2025-02-13T16:49:16.368Z

Reserved: 2023-04-05T19:36:35.043Z

Link: CVE-2023-29409

Vulnrichment

Updated: 2024-08-02T14:07:46.160Z

NVD

Status : Modified

Published: 2023-08-02T20:15:11.940

Modified: 2024-11-21T07:57:00.287

Link: CVE-2023-29409

Redhat

Severity : Moderate

Publid Date: 2023-08-02T00:00:00Z

Links: CVE-2023-29409 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-400

Tracking

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object