Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2017-15137

Опубликовано: 16 июл. 2018
Источник: nvd
CVSS3: 4.3
CVSS3: 5.3
CVSS2: 5
EPSS Низкий

Описание

The OpenShift image import whitelist failed to enforce restrictions correctly when running commands such as "oc tag", for example. This could allow a user with access to OpenShift to run images from registries that should not be allowed.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:openshift:-:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift_container_platform:3.9:*:*:*:*:*:*:*

EPSS

Процентиль: 38%
0.00167
Низкий

4.3 Medium

CVSS3

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20
CWE-20

Связанные уязвимости

redhat логотип

CVE-2017-15137

CVSS3: 4.3
redhat
почти 8 лет назад

The OpenShift image import whitelist failed to enforce restrictions correctly when running commands such as "oc tag", for example. This could allow a user with access to OpenShift to run images from registries that should not be allowed.

github логотип

GHSA-fcgm-gwv3-mqcg

CVSS3: 5.3
github
больше 3 лет назад

The OpenShift image import whitelist failed to enforce restrictions correctly when running commands such as "oc tag", for example. This could allow a user with access to OpenShift to run images from registries that should not be allowed.

EPSS

Процентиль: 38%
0.00167
Низкий

4.3 Medium

CVSS3

5.3 Medium

CVSS3

5 Medium

CVSS2

Дефекты

CWE-20
CWE-20