CVE-2016-8631

Опубликовано: 31 июл. 2018

Источник: nvd

CVSS3: 6.3

CVSS3: 7.7

CVSS2: 4

EPSS Низкий

Описание

The OpenShift Enterprise 3 router does not properly sort routes when processing newly added routes. An attacker with access to create routes can potentially overwrite existing routes and redirect network traffic for other users to their own site.

Ссылки

http://www.securityfocus.com/bid/94110
Third Party Advisory
VDB Entry
Vendor Advisory
https://access.redhat.com/errata/RHSA-2016:2696
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8631
Issue Tracking
Vendor Advisory
http://www.securityfocus.com/bid/94110
Third Party Advisory
VDB Entry
Vendor Advisory
https://access.redhat.com/errata/RHSA-2016:2696
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8631
Issue Tracking
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*

cpe:2.3:a:redhat:openshift:3.3:*:*:*:enterprise:*:*:*

EPSS

Процентиль: 41%

0.00191

Низкий

6.3 Medium

CVSS3

7.7 High

CVSS3

4 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

CVE-2016-8631

CVSS3: 6.3

redhat

больше 9 лет назад

GHSA-973m-857j-grqw

CVSS3: 7.7

github

больше 3 лет назад

EPSS

Процентиль: 41%

0.00191

Низкий

6.3 Medium

CVSS3

7.7 High

CVSS3

4 Medium

CVSS2

Дефекты

CWE-20