U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:/a:redhat:openshift_container_platform:3.6
There are 13 matching records.
Displaying matches 1 through 13.
Vuln ID Summary CVSS Severity
CVE-2020-27833

A Zip Slip vulnerability was found in the oc binary in openshift-clients where an arbitrary file write is achieved by using a specially crafted raw container image (.tar file) which contains symbolic links. The vulnerability is limited to the command `oc image extract`. If a symbolic link is first created pointing within the tarball, this allows further symbolic links to bypass the existing path check. This flaw allows the tarball to create links outside the tarball's parent directory, allowing for executables or configuration files to be overwritten, resulting in arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions up to and including openshift-clients-4.7.0-202104250659.p0.git.95881af are affected.

Published: May 14, 2021; 5:15:07 PM -0400
V4.0:(not available)
V3.1: 7.1 HIGH
V2.0: 4.6 MEDIUM
CVE-2020-14298

The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the container host and other containers running on the same host. This issue only affects docker version 1.13.1-108.git4ef4b30.el7, shipped in Red Hat Enterprise Linux 7 Extras. Both earlier and later versions are not affected.

Published: July 13, 2020; 5:15:14 PM -0400
V4.0:(not available)
V3.1: 8.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2020-10712

A flaw was found in OpenShift Container Platform version 4.1 and later. Sensitive information was found to be logged by the image registry operator allowing an attacker able to gain access to those logs, to read and write to the storage backing the internal image registry. The highest threat from this vulnerability is to data integrity.

Published: April 22, 2020; 12:15:12 PM -0400
V4.0:(not available)
V3.1: 8.2 HIGH
V2.0: 6.4 MEDIUM
CVE-2019-10165

OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs for the Kubernetes API server and OpenShift API server. A user with sufficient privileges could recover OAuth tokens from these audit logs and use them to access other resources.

Published: July 30, 2019; 7:15:12 PM -0400
V4.0:(not available)
V3.1: 2.3 LOW
V2.0: 2.1 LOW
CVE-2019-3889

A reflected XSS vulnerability exists in authorization flow of OpenShift Container Platform versions: openshift-online-3, openshift-enterprise-3.4 through 3.7 and openshift-enterprise-3.9 through 3.11. An attacker could use this flaw to steal authorization data by getting them to click on a malicious link.

Published: July 11, 2019; 3:15:13 PM -0400
V4.0:(not available)
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW
CVE-2019-10150

It was found that OpenShift Container Platform versions 3.6.x - 4.6.0 does not perform SSH Host Key checking when using ssh key authentication during builds. An attacker, with the ability to redirect network traffic, could use this to alter the resulting build output.

Published: June 12, 2019; 10:29:02 AM -0400
V4.0:(not available)
V3.0: 5.9 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2019-3876

A flaw was found in the /oauth/token/request custom endpoint of the OpenShift OAuth server allowing for XSS generation of CLI tokens due to missing X-Frame-Options and CSRF protections. If not otherwise prevented, a separate XSS vulnerability via JavaScript could further allow for the extraction of these tokens.

Published: April 01, 2019; 11:29:01 AM -0400
V4.0:(not available)
V3.1: 6.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2018-1002105

In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection.

Published: December 05, 2018; 4:29:00 PM -0500
V4.0:(not available)
V3.0: 9.8 CRITICAL
V2.0: 7.5 HIGH
CVE-2018-14632

An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform before 3.7. An attacker can use this flaw to cause a denial of service attack on the Openshift master api service which provides cluster management.

Published: September 06, 2018; 10:29:00 AM -0400
V4.0:(not available)
V3.1: 7.7 HIGH
V2.0: 4.0 MEDIUM
CVE-2017-12195

A flaw was found in all Openshift Enterprise versions using the openshift elasticsearch plugin. An attacker with knowledge of the given name used to authenticate and access Elasticsearch can later access it without the token, bypassing authentication. This attack also requires that the Elasticsearch be configured with an external route, and the data accessed is limited to the indices.

Published: July 27, 2018; 11:29:00 AM -0400
V4.0:(not available)
V3.0: 4.8 MEDIUM
V2.0: 5.8 MEDIUM
CVE-2018-10843

source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host which are normally only available to a root user.

Published: July 02, 2018; 1:29:00 PM -0400
V4.0:(not available)
V3.0: 8.8 HIGH
V2.0: 9.0 HIGH
CVE-2018-1085

openshift-ansible before versions 3.9.23, 3.7.46 deploys a misconfigured etcd file that causes the SSL client certificate authentication to be disabled. Quotations around the values of ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH in etcd.conf result in etcd being configured to allow remote users to connect without any authentication if they can access the etcd server bound to the network on the master nodes. An attacker could use this flaw to read and modify all the data about the Openshift cluster in the etcd datastore, potentially adding another compute node, or bringing down the entire cluster.

Published: June 15, 2018; 9:29:01 AM -0400
V4.0:(not available)
V3.0: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2018-1070

routing before version 3.10 is vulnerable to an improper input validation of the Openshift Routing configuration which can cause an entire shard to be brought down. A malicious user can use this vulnerability to cause a Denial of Service attack for other users of the router shard.

Published: June 12, 2018; 9:29:00 AM -0400
V4.0:(not available)
V3.0: 7.5 HIGH
V2.0: 5.0 MEDIUM