This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Redhat First view 2018-07-01
Product Openshift Container Platform Last view 2020-06-12
Version 3.11 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:redhat:openshift_container_platform

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7.5 2020-06-12 CVE-2020-10752

A flaw was found in the OpenShift API Server, where it failed to sufficiently protect OAuthTokens by leaking them into the logs when an API Server panic occurred. This flaw allows an attacker with the ability to cause an API Server error to read the logs, and use the leaked OAuthToken to log into the API Server with the leaked token.

7.2 2020-06-03 CVE-2020-7013

Kibana versions before 6.8.9 and 7.7.0 contain a prototype pollution flaw in TSVB. An authenticated attacker with privileges to create TSVB visualizations could insert data that would cause Kibana to execute arbitrary code. This could possibly lead to an attacker executing code with the permissions of the Kibana process on the host system.

5.9 2020-04-24 CVE-2020-1741

A flaw was found in openshift-ansible. OpenShift Container Platform (OCP) 3.11 is too permissive in the way it specified CORS allowed origins during installation. An attacker, able to man-in-the-middle the connection between the user's browser and the openshift console, could use this flaw to perform a phishing attack. The main threat from this vulnerability is data confidentiality.

8.2 2020-04-22 CVE-2020-10712

A flaw was found in OpenShift Container Platform version 4.1 and later. Sensitive information was found to be logged by the image registry operator allowing an attacker able to gain access to those logs, to read and write to the storage backing the internal image registry. The highest threat from this vulnerability is to data integrity.

8.8 2020-04-02 CVE-2020-11100

In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.

8.8 2020-03-31 CVE-2020-10696

A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.

7 2020-03-09 CVE-2020-1706

It has been found that in openshift-enterprise version 3.11 and openshift-enterprise versions 4.1 up to, including 4.3, multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. An attacker with access to the running container can exploit this to modify /etc/passwd to add a user and escalate their privileges. This CVE is specific to the openshift/apb-tools-container.

9.8 2020-02-12 CVE-2020-8945

The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.

7 2020-02-07 CVE-2020-1708

It has been found in openshift-enterprise version 3.11 and all openshift-enterprise versions from 4.1 to, including 4.3, that multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. An attacker with access to the running container can exploit this to modify /etc/passwd to add a user and escalate their privileges. This CVE is specific to the openshift/mysql-apb.

8.8 2020-01-07 CVE-2019-14819

A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster. Using CRI-O, the dockergc service account is assigned to the current namespace of the user performing the upgrade. This flaw can allow an unprivileged user to escalate their privileges to those allowed by the privileged Security Context Constraints.

6.5 2019-12-05 CVE-2019-11255

Improper input validation in Kubernetes CSI sidecar containers for external-provisioner (

5 2019-11-25 CVE-2019-14891

A flaw was found in cri-o, as a result of all pod-related processes being placed in the same memory cgroup. This can result in container management (conmon) processes being killed if a workload process triggers an out-of-memory (OOM) condition for the cgroup. An attacker could abuse this flaw to get host network access on an cri-o host.

5.4 2019-08-02 CVE-2019-10176

A flaw was found in OpenShift Container Platform, versions 3.11 and later, in which the CSRF tokens used in the cluster console component were found to remain static during a user's session. An attacker with the ability to observe the value of this token would be able to re-use the token to perform a CSRF attack.

2.3 2019-07-30 CVE-2019-10165

OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs for the Kubernetes API server and OpenShift API server. A user with sufficient privileges could recover OAuth tokens from these audit logs and use them to access other resources.

5.4 2019-07-11 CVE-2019-3889

A reflected XSS vulnerability exists in authorization flow of OpenShift Container Platform versions: openshift-online-3, openshift-enterprise-3.4 through 3.7 and openshift-enterprise-3.9 through 3.11. An attacker could use this flaw to steal authorization data by getting them to click on a malicious link.

5.9 2019-06-12 CVE-2019-10150

It was found that OpenShift Container Platform versions 3.6.x - 4.6.0 does not perform SSH Host Key checking when using ssh key authentication during builds. An attacker, with the ability to redirect network traffic, could use this to alter the resulting build output.

8.1 2019-04-23 CVE-2019-2698

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D). Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).

5.9 2019-04-23 CVE-2019-2684

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).

7.5 2019-04-23 CVE-2019-2602

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H).

9.8 2019-04-22 CVE-2019-3899

It was found that default configuration of Heketi does not require any authentication potentially exposing the management interface to misuse. This isue only affects heketi as shipped with Openshift Container Platform 3.11.

6.1 2019-04-01 CVE-2019-3876

A flaw was found in the /oauth/token/request custom endpoint of the OpenShift OAuth server allowing for XSS generation of CLI tokens due to missing X-Frame-Options and CSRF protections. If not otherwise prevented, a separate XSS vulnerability via JavaScript could further allow for the extraction of these tokens.

5.5 2019-04-01 CVE-2019-1002101

The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. The untar function can both create and follow symbolic links. The issue is resolved in kubectl v1.11.9, v1.12.7, v1.13.5, and v1.14.0.

6.1 2019-03-26 CVE-2019-3826

A stored, DOM based, cross-site scripting (XSS) flaw was found in Prometheus before version 2.7.1. An attacker could exploit this by convincing an authenticated user to visit a crafted URL on a Prometheus server, allowing for the execution and persistent storage of arbitrary scripts.

7.8 2019-03-21 CVE-2019-7221

The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.

7.5 2019-03-21 CVE-2018-20615

An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame length was not re-checked to make sure they were present in the frame.

CWE : Common Weakness Enumeration

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
%idName
10% (7) CWE-502 Deserialization of Untrusted Data
10% (7) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
7% (5) CWE-269 Improper Privilege Management
6% (4) CWE-416 Use After Free
6% (4) CWE-254 Security Features
6% (4) CWE-125 Out-of-bounds Read
4% (3) CWE-787 Out-of-bounds Write
4% (3) CWE-352 Cross-Site Request Forgery (CSRF)
4% (3) CWE-284 Access Control (Authorization) Issues
3% (2) CWE-704 Incorrect Type Conversion or Cast
3% (2) CWE-613 Insufficient Session Expiration
3% (2) CWE-362 Race Condition
3% (2) CWE-287 Improper Authentication
3% (2) CWE-200 Information Exposure
3% (2) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
3% (2) CWE-20 Improper Input Validation
1% (1) CWE-770 Allocation of Resources Without Limits or Throttling
1% (1) CWE-754 Improper Check for Unusual or Exceptional Conditions
1% (1) CWE-697 Insufficient Comparison
1% (1) CWE-611 Information Leak Through XML External Entity File Disclosure
1% (1) CWE-532 Information Leak Through Log Files
1% (1) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
1% (1) CWE-399 Resource Management Errors
1% (1) CWE-388 Error Handling
1% (1) CWE-327 Use of a Broken or Risky Cryptographic Algorithm

Snort® IPS/IDS

Date Description
2019-06-11 Jenkins CI Server ASTTest code execution attempt
RuleID : 50041 - Type : SERVER-WEBAPP - Revision : 2
2019-04-23 Jenkins Groovy metaprogramming remote code execution attempt
RuleID : 49499 - Type : SERVER-WEBAPP - Revision : 1
2019-04-23 Jenkins Groovy metaprogramming remote code execution attempt
RuleID : 49498 - Type : SERVER-WEBAPP - Revision : 1
2019-02-07 Kibana Console for Elasticsearch local file inclusion attempt
RuleID : 48815 - Type : SERVER-WEBAPP - Revision : 3
2019-01-10 Kubernetes API Server bypass attempt
RuleID : 48548 - Type : SERVER-OTHER - Revision : 1
2019-01-08 Kubernetes API Server bypass attempt
RuleID : 48500 - Type : SERVER-OTHER - Revision : 1

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-11 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZA-2018-077.nasl - Type: ACT_GATHER_INFO
2019-01-10 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2019-1138.nasl - Type: ACT_GATHER_INFO
2019-01-08 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2019-1010.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-12b934e224.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-314913636b.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-56221eb24b.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-81ee973d7c.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-9dbe983805.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-c8c7d35b83.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-ca03363d57.nasl - Type: ACT_GATHER_INFO
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-fb2afee474.nasl - Type: ACT_GATHER_INFO
2018-12-28 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2018-1430.nasl - Type: ACT_GATHER_INFO
2018-12-28 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1419.nasl - Type: ACT_GATHER_INFO
2018-12-18 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-2_0-0112.nasl - Type: ACT_GATHER_INFO
2018-12-14 Name: The remote Kubernetes server is affected by a proxy request handling vulnerab...
File: kube_cve_2018_1002105.nasl - Type: ACT_ATTACK
2018-12-10 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2018-1393.nasl - Type: ACT_GATHER_INFO
2018-12-10 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1391.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: A job scheduling and management system hosted on the remote web server is aff...
File: jenkins_2_154.nasl - Type: ACT_GATHER_INFO
2018-12-07 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1110.nasl - Type: ACT_GATHER_INFO
2018-12-04 Name: The remote host contains an application affected by a privilege escalation vu...
File: kube_1_12_3.nasl - Type: ACT_GATHER_INFO
2018-12-01 Name: The remote Debian host is missing a security update.
File: debian_DLA-1601.nasl - Type: ACT_GATHER_INFO
2018-11-30 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4347.nasl - Type: ACT_GATHER_INFO
2018-11-29 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4346.nasl - Type: ACT_GATHER_INFO
2018-11-29 Name: The remote Debian host is missing a security update.
File: debian_DLA-1598.nasl - Type: ACT_GATHER_INFO
2018-11-28 Name: The remote Windows host contains a library that is affected by multiple vulne...
File: ghostscript_9_26.nasl - Type: ACT_GATHER_INFO