Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): OpenShift
- Search Type: Search All
- CPE Name Search: false
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2013-4281 |
In Red Hat Openshift 1, weak default permissions are applied to the /etc/openshift/server_priv.pem file on the broker server, which could allow users with local access to the broker to read this file. Published: October 19, 2022; 2:15:11 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2013-4253 |
The deployment script in the unsupported "OpenShift Extras" set of add-on scripts, in Red Hat Openshift 1, installs a default public key in the root user's authorized_keys file. Published: October 19, 2022; 2:15:11 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2017-7517 |
An input validation vulnerability exists in Openshift Enterprise due to a 1:1 mapping of tenants in Hawkular Metrics and projects/namespaces in OpenShift. If a user creates a project called "MyProject", and then later deletes it another user can then create a project called "MyProject" and access the metrics stored from the original "MyProject" instance. Published: October 17, 2022; 12:15:14 PM -0400 |
V3.1: 3.5 LOW V2.0:(not available) |
CVE-2022-2403 |
A credentials leak was found in the OpenShift Container Platform. The private key for the external cluster certificate was stored incorrectly in the oauth-serving-cert ConfigMaps, and accessible to any authenticated OpenShift user or service-account. A malicious user could exploit this flaw by reading the oauth-serving-cert ConfigMap in the openshift-config-managed namespace, compromising any web traffic secured using that certificate. Published: September 01, 2022; 5:15:09 PM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2022-1677 |
In OpenShift Container Platform, a user with permissions to create or modify Routes can craft a payload that inserts a malformed entry into one of the cluster router's HAProxy configuration files. This malformed entry can match any arbitrary hostname, or all hostnames in the cluster, and direct traffic to an arbitrary application within the cluster, including one under attacker control. Published: September 01, 2022; 5:15:09 PM -0400 |
V3.1: 6.3 MEDIUM V2.0:(not available) |
CVE-2022-1632 |
An Improper Certificate Validation attack was found in Openshift. A re-encrypt Route with destinationCACertificate explicitly set to the default serviceCA skips internal Service TLS certificate validation. This flaw allows an attacker to exploit an invalid certificate, resulting in a loss of confidentiality. Published: September 01, 2022; 5:15:08 PM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2021-4125 |
It was found that the original fix for log4j CVE-2021-44228 and CVE-2021-45046 in the OpenShift metering hive containers was incomplete, as not all JndiLookup.class files were removed. This CVE only applies to the OpenShift Metering hive container images, shipped in OpenShift 4.8, 4.7 and 4.6. Published: August 24, 2022; 12:15:09 PM -0400 |
V3.1: 8.1 HIGH V2.0:(not available) |
CVE-2021-3442 |
A flaw was found in the Red Hat OpenShift API Management product. User input is not validated allowing an authenticated user to inject scripts into some text boxes leading to a XSS attack. The highest threat from this vulnerability is to data confidentiality. Published: August 22, 2022; 11:15:13 AM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2022-36909 |
A missing permission check in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers with Overall/Read permission to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenkins controller file system to an attacker-specified URL. Published: July 27, 2022; 11:15:10 AM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2022-36908 |
A cross-site request forgery (CSRF) vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers to check for the existence of an attacker-specified file path on the Jenkins controller file system and to upload a SSH key file from the Jenkins controller file system to an attacker-specified URL. Published: July 27, 2022; 11:15:10 AM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2022-36907 |
A missing permission check in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password. Published: July 27, 2022; 11:15:10 AM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2022-36906 |
A cross-site request forgery (CSRF) vulnerability in Jenkins OpenShift Deployer Plugin 1.2.0 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified username and password. Published: July 27, 2022; 11:15:10 AM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2015-3207 |
In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly' attributes. Published: July 07, 2022; 9:15:08 AM -0400 |
V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2014-0068 |
It was reported that watchman in openshift node-utils creates /var/run/watchman.pid and /var/log/watchman.ouput with world writable permission. Published: June 30, 2022; 5:15:10 PM -0400 |
V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2013-4561 |
In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of confidentiality and integrity. Published: June 30, 2022; 3:15:08 PM -0400 |
V3.1: 9.1 CRITICAL V2.0: 6.4 MEDIUM |
CVE-2022-22472 |
IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes and 10.1.7 through 10.1.10.2 for Red Hat OpenShift) could allow a remote attacker to bypass IBM Spectrum Protect Plus role based access control restrictions, caused by improper disclosure of session information. By retrieving the logs of a container an attacker could exploit this vulnerability to bypass login security of the IBM Spectrum Protect Plus server and gain unauthorized access based on the permissions of the IBM Spectrum Protect Plus user to the vulnerable Spectrum Protect Plus server software. IBM X-Force ID: 225340. Published: June 30, 2022; 1:15:07 PM -0400 |
V3.1: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2022-0552 |
A flaw was found in the original fix for the netty-codec-http CVE-2021-21409, where the OpenShift Logging openshift-logging/elasticsearch6-rhel8 container was incomplete. The vulnerable netty-codec-http maven package was not removed from the image content. This flaw affects origin-aggregated-logging versions 3.11. Published: April 11, 2022; 4:15:16 PM -0400 |
V3.1: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2021-4047 |
The release of OpenShift 4.9.6 included four CVE fixes for the haproxy package, however the patch for CVE-2021-39242 was missing. This issue only affects Red Hat OpenShift 4.9. Published: April 11, 2022; 4:15:16 PM -0400 |
V3.1: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2021-20238 |
It was found in OpenShift Container Platform 4 that ignition config, served by the Machine Config Server, can be accessed externally from clusters without authentication. The MCS endpoint (port 22623) provides ignition configuration used for bootstrapping Nodes and can include some sensitive data, e.g. registry pull secrets. There are two scenarios where this data can be accessed. The first is on Baremetal, OpenStack, Ovirt, Vsphere and KubeVirt deployments which do not have a separate internal API endpoint and allow access from outside the cluster to port 22623 from the standard OpenShift API Virtual IP address. The second is on cloud deployments when using unsupported network plugins, which do not create iptables rules that prevent to port 22623. In this scenario, the ignition config is exposed to all pods within the cluster and cannot be accessed externally. Published: April 01, 2022; 7:15:08 PM -0400 |
V3.1: 3.7 LOW V2.0: 4.3 MEDIUM |
CVE-2021-3636 |
It was found in OpenShift, before version 4.8, that the generated certificate for the in-cluster Service CA, incorrectly included additional certificates. The Service CA is automatically mounted into all pods, allowing them to safely connect to trusted in-cluster services that present certificates signed by the trusted Service CA. The incorrect inclusion of additional CAs in this certificate would allow an attacker that compromises any of the additional CAs to masquerade as a trusted in-cluster service. Published: July 30, 2021; 4:15:07 PM -0400 |
V3.1: 4.6 MEDIUM V2.0: 4.1 MEDIUM |