CVE-2023-3361

CVSS 3.1 Score 7.2 of 10 (high)

Details

Published Oct 4, 2023
Updated: Nov 7, 2023
CWE ID 78

Summary

CVE-2023-3361 is a vulnerability affecting Red Hat OpenShift Data Science. The issue arises when exporting pipelines using the Elyra notebook pipeline editor in Python DSL or YAML formats. Instead of saving a reference to a Kubernetes secret for S3 credentials, the output file contains the plain text credentials, posing a significant security risk. This issue may allow unauthorized access to sensitive data stored in Amazon S3.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share