Описание
openshift-node in OpenShift Origin 1.1.6 and earlier improperly stores router credentials as envvars in the pod when the --credentials option is used, which allows local users to obtain sensitive private key information by reading the systemd journal.
Ссылки
- Mailing ListVDB Entry
- Mailing ListVDB Entry
- Third Party AdvisoryVDB Entry
- Patch
- Mailing ListVDB Entry
- Mailing ListVDB Entry
- Third Party AdvisoryVDB Entry
- Patch
Уязвимые конфигурации
Конфигурация 1Версия до 1.1.6 (включая)
cpe:2.3:a:openshift:origin:*:*:*:*:*:*:*:*
EPSS
Процентиль: 34%
0.00136
Низкий
5.1 Medium
CVSS3
1.9 Low
CVSS2
Дефекты
CWE-255
Связанные уязвимости
CVSS3: 5.5
redhat
больше 10 лет назад
openshift-node in OpenShift Origin 1.1.6 and earlier improperly stores router credentials as envvars in the pod when the --credentials option is used, which allows local users to obtain sensitive private key information by reading the systemd journal.
EPSS
Процентиль: 34%
0.00136
Низкий
5.1 Medium
CVSS3
1.9 Low
CVSS2
Дефекты
CWE-255