Back to bug 2179728
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Avinash Hanwate | 2023-03-20 04:47:30 UTC | CC | sgott | |
| Avinash Hanwate | 2023-03-20 04:51:08 UTC | Doc Text | A flaw was found in the Kubevirt package. KubeVirt could allow a remote authenticated attacker to bypass security restrictions, caused by improper authorization validation. By sending a specially-crafted request using the virt-handler service account, an attacker could exploit this vulnerability to modify all node specs. | |
| Avinash Hanwate | 2023-03-20 04:53:01 UTC | Depends On | 2179736, 2179740, 2179743, 2179744, 2179739, 2179742, 2179735, 2179738, 2179737, 2179741 | |
| RaTasha Tillery-Smith | 2023-03-20 13:35:08 UTC | Doc Text | A flaw was found in the Kubevirt package. KubeVirt could allow a remote authenticated attacker to bypass security restrictions, caused by improper authorization validation. By sending a specially-crafted request using the virt-handler service account, an attacker could exploit this vulnerability to modify all node specs. | A flaw was found in the Kubevirt package. KubeVirt could allow a remote authenticated attacker to bypass security restrictions caused by improper authorization validation. An attacker can modify all node specs by sending a specially-crafted request using the virt-handler service account. |
| Red Hat Bugzilla | 2023-05-15 18:50:40 UTC | CC | dcadzow | |
| Red Hat Bugzilla | 2023-07-07 08:32:00 UTC | Assignee | security-response-team | nobody |
| Avinash Hanwate | 2023-07-10 09:34:44 UTC | Severity | high | medium |
| Priority | high | medium |
Back to bug 2179728