CVE-2023-0296Use of a Broken or Risky Cryptographic Algorithm in Redhat Openshift

CWE-327Use of a Broken or Risky Cryptographic Algorithm4 documents4 sources
Severity
5.3MEDIUMNVD
CNA7.5
EPSS
0.2%
top 63.04%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Openshift
Timeline
PublishedJan 17

Description

The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health checks port (9979) on etcd grpc-proxy component. Even though the CVE-2016-2183 has been fixed in the etcd components, to enable periodic health checks from kubelet, it was necessary to open up a new port (9979) on etcd grpc-proxy, hence this port might be considered as still vulnerable to the same type of vulnerability. The health checks on etcd grpc-proxy do not contain sensitive data (only metrics

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-wpff-vmpr-5q22: The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health checks port (9979) on etcd grpc-proxy component2023-01-17
CVEList
CVE-2023-0296: The Birthday attack against 64-bit block ciphers flaw (CVE-2016-2183) was reported for the health checks port (9979) on etcd grpc-proxy component2023-01-17

📋Vendor Advisories

1
Red Hat
openshift: etcd grpc-proxy vulnerable to The Birthday attack against 64-bit block cipher2023-01-16
CVE-2023-0296 — Redhat Openshift vulnerability | cvebase