Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-252g-gw8q-x2cc

Опубликовано: 24 мая 2022
Источник: github
Github: Не прошло ревью

Описание

OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs for the Kubernetes API server and OpenShift API server. A user with sufficient privileges could recover OAuth tokens from these audit logs and use them to access other resources.

OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs for the Kubernetes API server and OpenShift API server. A user with sufficient privileges could recover OAuth tokens from these audit logs and use them to access other resources.

EPSS

Процентиль: 19%
0.00059
Низкий

Связанные уязвимости

CVSS3: 2.3
redhat
около 6 лет назад

OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs for the Kubernetes API server and OpenShift API server. A user with sufficient privileges could recover OAuth tokens from these audit logs and use them to access other resources.

CVSS3: 2.3
nvd
около 6 лет назад

OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs for the Kubernetes API server and OpenShift API server. A user with sufficient privileges could recover OAuth tokens from these audit logs and use them to access other resources.

EPSS

Процентиль: 19%
0.00059
Низкий