This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Redhat First view 2018-01-10
Product Openshift Container Platform Last view 2021-06-02
Version 3.11 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:redhat:openshift_container_platform

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
6.5 2021-06-02 CVE-2020-14336

A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets. This flaw allows an attacker to cause a denial of service attack on an OpenShift Container Platform cluster if they can deploy pods. The highest threat from this vulnerability is to system availability.

7.1 2021-05-14 CVE-2020-27833

A Zip Slip vulnerability was found in the oc binary in openshift-clients where an arbitrary file write is achieved by using a specially crafted raw container image (.tar file) which contains symbolic links. The vulnerability is limited to the command `oc image extract`. If a symbolic link is first created pointing within the tarball, this allows further symbolic links to bypass the existing path check. This flaw allows the tarball to create links outside the tarball's parent directory, allowing for executables or configuration files to be overwritten, resulting in arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions up to and including openshift-clients-4.7.0-202104250659.p0.git.95881af are affected.

7.8 2021-03-24 CVE-2019-19354

An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/hadoop as shipped in Red Hat Openshift 4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.

7.5 2021-03-23 CVE-2021-20270

An infinite loop in SMLLexer in Pygments versions 1.5 to 2.7.3 may lead to denial of service when performing syntax highlighting of a Standard ML (SML) source file, as demonstrated by input that only contains the "exception" keyword.

6.3 2021-03-19 CVE-2019-10225

A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey. An attacker with basic-user permissions is able to obtain the value of restuserkey, and use it to authenticate to the GlusterFS REST service, gaining access to read, and modify files.

8.8 2021-03-16 CVE-2021-3344

A privilege escalation flaw was found in OpenShift builder. During build time, credentials outside the build context are automatically mounted into the container image under construction. An OpenShift user, able to execute code during build time inside this container can re-use the credentials to overwrite arbitrary container images in internal registries and/or escalate their privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This affects github.com/openshift/builder v0.0.0-20210125201112-7901cb396121 and before.

7.4 2021-03-16 CVE-2021-20218

A flaw was found in the fabric8 kubernetes-client in version 4.2.0 and after. This flaw allows a malicious pod/container to cause applications using the fabric8 kubernetes-client `copy` command to extract files outside the working path. The highest threat from this vulnerability is to integrity and system availability. This has been fixed in kubernetes-client-4.13.2 kubernetes-client-5.0.2 kubernetes-client-4.11.2 kubernetes-client-4.7.2

8.8 2021-02-23 CVE-2021-20182

A privilege escalation flaw was found in openshift4/ose-docker-builder. The build container runs with high privileges using a chrooted environment instead of runc. If an attacker can gain access to this build container, they can potentially utilize the raw devices of the underlying node, such as the network and storage devices, to at least escalate their privileges to that of the cluster admin. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

7 2021-02-11 CVE-2021-20188

A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be abused by a low-privileged user inside the container to access any other file in the container, even if owned by the root user inside the container. It does not allow to directly escape the container, though being a privileged container means that a lot of security features are disabled when running the container. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

9.8 2020-12-21 CVE-2020-27846

A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

6.5 2020-09-23 CVE-2020-14370

An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.

7.5 2020-06-12 CVE-2020-10752

A flaw was found in the OpenShift API Server, where it failed to sufficiently protect OAuthTokens by leaking them into the logs when an API Server panic occurred. This flaw allows an attacker with the ability to cause an API Server error to read the logs, and use the leaked OAuthToken to log into the API Server with the leaked token.

7.2 2020-06-03 CVE-2020-7013

Kibana versions before 6.8.9 and 7.7.0 contain a prototype pollution flaw in TSVB. An authenticated attacker with privileges to create TSVB visualizations could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system.

5.9 2020-04-24 CVE-2020-1741

A flaw was found in openshift-ansible. OpenShift Container Platform (OCP) 3.11 is too permissive in the way it specified CORS allowed origins during installation. An attacker, able to man-in-the-middle the connection between the user's browser and the openshift console, could use this flaw to perform a phishing attack. The main threat from this vulnerability is data confidentiality.

8.2 2020-04-22 CVE-2020-10712

A flaw was found in OpenShift Container Platform version 4.1 and later. Sensitive information was found to be logged by the image registry operator allowing an attacker able to gain access to those logs, to read and write to the storage backing the internal image registry. The highest threat from this vulnerability is to data integrity.

8.8 2020-04-02 CVE-2020-11100

In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.

8.8 2020-03-31 CVE-2020-10696

A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.

7 2020-03-09 CVE-2020-1706

It has been found that in openshift-enterprise version 3.11 and openshift-enterprise versions 4.1 up to, including 4.3, multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. An attacker with access to the running container can exploit this to modify /etc/passwd to add a user and escalate their privileges. This CVE is specific to the openshift/apb-tools-container.

7.5 2020-02-12 CVE-2020-8945

The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.

7 2020-02-07 CVE-2020-1708

It has been found in openshift-enterprise version 3.11 and all openshift-enterprise versions from 4.1 to, including 4.3, that multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. An attacker with access to the running container can exploit this to modify /etc/passwd to add a user and escalate their privileges. This CVE is specific to the openshift/mysql-apb.

8.8 2020-01-07 CVE-2019-14819

A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster. Using CRI-O, the dockergc service account is assigned to the current namespace of the user performing the upgrade. This flaw can allow an unprivileged user to escalate their privileges to those allowed by the privileged Security Context Constraints.

6.5 2019-12-05 CVE-2019-11255

Improper input validation in Kubernetes CSI sidecar containers for external-provisioner (

5 2019-11-25 CVE-2019-14891

A flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in container management (conmon) processes being killed if a workload process triggers an out-of-memory (OOM) condition for the cgroup. An attacker could abuse this flaw to get host network access on an cri-o host.

7.5 2019-10-17 CVE-2019-11253

Improper input validation in the Kubernetes API server in versions v1.0-1.12 and versions prior to v1.13.12, v1.14.8, v1.15.5, and v1.16.2 allows authorized users to send malicious YAML or JSON payloads, causing the API server to consume excessive CPU or memory, potentially crashing and becoming unavailable. Prior to v1.14.0, default RBAC policy authorized anonymous users to submit requests that could trigger this vulnerability. Clusters upgraded from a version prior to v1.14.0 keep the more permissive policy by default for backwards compatibility.

7.8 2019-09-17 CVE-2019-14835

A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
14% (13) CWE-502 Deserialization of Untrusted Data
6% (6) CWE-269 Improper Privilege Management
6% (6) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
5% (5) CWE-416 Use After Free
4% (4) CWE-787 Out-of-bounds Write
4% (4) CWE-532 Information Leak Through Log Files
4% (4) CWE-352 Cross-Site Request Forgery (CSRF)
4% (4) CWE-125 Out-of-bounds Read
4% (4) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
3% (3) CWE-770 Allocation of Resources Without Limits or Throttling
3% (3) CWE-704 Incorrect Type Conversion or Cast
3% (3) CWE-522 Insufficiently Protected Credentials
2% (2) CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsa...
2% (2) CWE-362 Race Condition
2% (2) CWE-184 Incomplete Blacklist
2% (2) CWE-94 Failure to Control Generation of Code ('Code Injection')
2% (2) CWE-20 Improper Input Validation
1% (1) CWE-776 Unrestricted Recursive Entity References in DTDs ('XML Bomb')
1% (1) CWE-754 Improper Check for Unusual or Exceptional Conditions
1% (1) CWE-732 Incorrect Permission Assignment for Critical Resource
1% (1) CWE-697 Insufficient Comparison
1% (1) CWE-693 Protection Mechanism Failure
1% (1) CWE-674 Uncontrolled Recursion
1% (1) CWE-613 Insufficient Session Expiration
1% (1) CWE-611 Information Leak Through XML External Entity File Disclosure

Snort® IPS/IDS

Date Description
2020-02-27 Kibana Timelion prototype pollution code execution attempt
RuleID : 52835 - Type : SERVER-WEBAPP - Revision : 1
2019-06-11 Jenkins CI Server ASTTest code execution attempt
RuleID : 50041 - Type : SERVER-WEBAPP - Revision : 2
2019-04-23 Jenkins Groovy metaprogramming remote code execution attempt
RuleID : 49499 - Type : SERVER-WEBAPP - Revision : 1
2019-04-23 Jenkins Groovy metaprogramming remote code execution attempt
RuleID : 49498 - Type : SERVER-WEBAPP - Revision : 1
2019-02-07 Kibana Console for Elasticsearch local file inclusion attempt
RuleID : 48815 - Type : SERVER-WEBAPP - Revision : 3
2019-01-10 Kubernetes API Server bypass attempt
RuleID : 48548 - Type : SERVER-OTHER - Revision : 1
2019-01-08 Kubernetes API Server bypass attempt
RuleID : 48500 - Type : SERVER-OTHER - Revision : 1
2018-04-03 Jackson databind deserialization remote code execution attempt
RuleID : 45779 - Type : SERVER-OTHER - Revision : 1
2018-04-03 Jackson databind deserialization remote code execution attempt
RuleID : 45778 - Type : SERVER-OTHER - Revision : 1
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45016 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45015 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45014 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45013 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45012 - Type : FILE-OTHER - Revision : 4
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45011 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45010 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45009 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45008 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45007 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45006 - Type : FILE-OTHER - Revision : 4
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45005 - Type : FILE-OTHER - Revision : 4
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45004 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45003 - Type : FILE-OTHER - Revision : 3
2017-12-29 Jackson databind deserialization remote code execution attempt
RuleID : 45002 - Type : FILE-OTHER - Revision : 3

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-11 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZA-2018-077.nasl - Type: ACT_GATHER_INFO
2019-01-10 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2019-1138.nasl - Type: ACT_GATHER_INFO
2019-01-08 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2019-1010.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-9dbe983805.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-12b934e224.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-314913636b.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-54a5bcc7e4.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-56221eb24b.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-81ee973d7c.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-bf292e6cdf.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-c8c7d35b83.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-ca03363d57.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-fb2afee474.nasl - Type: ACT_GATHER_INFO
2018-12-28 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2018-1430.nasl - Type: ACT_GATHER_INFO
2018-12-28 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1419.nasl - Type: ACT_GATHER_INFO
2018-12-18 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-2_0-0112.nasl - Type: ACT_GATHER_INFO
2018-12-14 Name: The remote Kubernetes server is affected by a proxy request handling vulnerab...
File: kube_cve_2018_1002105.nasl - Type: ACT_ATTACK
2018-12-10 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2018-1393.nasl - Type: ACT_GATHER_INFO
2018-12-10 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1391.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: A job scheduling and management system hosted on the remote web server is aff...
File: jenkins_2_154.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1110.nasl - Type: ACT_GATHER_INFO
2018-12-04 Name: The remote host contains an application affected by a privilege escalation vu...
File: kube_1_12_3.nasl - Type: ACT_GATHER_INFO
2018-12-01 Name: The remote Debian host is missing a security update.
File: debian_DLA-1601.nasl - Type: ACT_GATHER_INFO
2018-11-30 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4347.nasl - Type: ACT_GATHER_INFO
2018-11-29 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4346.nasl - Type: ACT_GATHER_INFO