exploitDog

CVE-2014-0233

Опубликовано: 16 нояб. 2014

Источник: nvd

CVSS2: 6.5

EPSS Низкий

Описание

Red Hat OpenShift Enterprise 2.0 and 2.1 and OpenShift Origin allow remote authenticated users to execute arbitrary commands via shell metacharacters in a directory name that is referenced by a cartridge using the file: URI scheme.

Ссылки

http://rhn.redhat.com/errata/RHSA-2014-0529.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2014-0530.html
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1096955
Exploit
http://rhn.redhat.com/errata/RHSA-2014-0529.html
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2014-0530.html
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1096955
Exploit

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift:2.1:*:*:*:enterprise:*:*:*

EPSS

Процентиль: 80%

0.01365

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-94

Связанные уязвимости

CVE-2014-0233

redhat

больше 11 лет назад

Red Hat OpenShift Enterprise 2.0 and 2.1 and OpenShift Origin allow remote authenticated users to execute arbitrary commands via shell metacharacters in a directory name that is referenced by a cartridge using the file: URI scheme.

GHSA-frgq-r6cx-mg8w

github

больше 3 лет назад

Red Hat OpenShift Enterprise 2.0 and 2.1 and OpenShift Origin allow remote authenticated users to execute arbitrary commands via shell metacharacters in a directory name that is referenced by a cartridge using the file: URI scheme.

EPSS

Процентиль: 80%

0.01365

Низкий

6.5 Medium

CVSS2

Дефекты

CWE-94