Description
It was found that OpenShift Container Platform versions 3.6.x - 4.6.0 does not perform SSH Host Key checking when using ssh key authentication during builds. An attacker, with the ability to redirect network traffic, could use this to alter the resulting build output.
Report
OpenShift Container Platform allows for various types of "source clone secrets" to be defined in order to permit building from non-public git repositories. When using ssh key authentication, the server host key checking function is disabled. An attacker with the ability to redirect the network traffic and perform a "man in the middle" attack will be able to redirect the build job to use arbitrary content of their choosing. Note that the same flaw (non-verification of remote server) is present when using HTTP, or when using HTTPS with TLS verification manually disabled.
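As an added illustration (not Red Hat's or OpenShift's code) of what the disabled check normally does: the helper below matches a remote's presented host key against a pinned known_hosts file, including OpenSSH's hashed-hostname form, and reports a mismatch, which is exactly the signal a redirected clone loses when host key checking is off. The hostnames, key blobs and salt are constructed sample values.

```python
import base64
import hashlib
import hmac

def hashed_host_entry(host: str, salt: bytes) -> str:
    """Build the '|1|<salt>|<hmac>' hostname form that ssh-keygen -H writes."""
    digest = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|" + base64.b64encode(salt).decode() + "|" + base64.b64encode(digest).decode()

def host_matches(pattern: str, host: str) -> bool:
    """Match a known_hosts host field (plain, comma-separated or hashed) against a host."""
    if pattern.startswith("|1|"):
        _, _, salt_b64, hash_b64 = pattern.split("|")
        salt, expected = base64.b64decode(salt_b64), base64.b64decode(hash_b64)
        digest = hmac.new(salt, host.encode(), hashlib.sha1).digest()
        return hmac.compare_digest(digest, expected)
    # Non-standard ports are written as "[host]:port"; the caller passes that form.
    return host in pattern.split(",")

def verify_host_key(known_hosts: str, host: str, key_type: str, key_b64: str) -> str:
    """Return 'ok' (pinned key matches), 'mismatch' (host pinned with a different
    key: what a redirected clone would produce) or 'unknown' (host not pinned)."""
    seen_host = False
    for line in known_hosts.splitlines():
        fields = line.split()
        # Skip blanks, comments and marker lines such as @cert-authority (not handled here).
        if len(fields) < 3 or fields[0].startswith(("#", "@")):
            continue
        pattern, ktype, kdata = fields[:3]
        if not host_matches(pattern, host) or ktype != key_type:
            continue
        seen_host = True
        if hmac.compare_digest(kdata.encode(), key_b64.encode()):
            return "ok"
    return "mismatch" if seen_host else "unknown"

# Constructed sample data: fake key blobs and a fixed salt, not real host keys.
PINNED_KEY = "AAAAC3NzaC1lZDI1NTE5AAAAIGNvbnN0cnVjdGVkLXBpbm5lZC1rZXktZm9yLWV4YW1wbGU="
OTHER_KEY = "AAAAC3NzaC1lZDI1NTE5AAAAIGNvbnN0cnVjdGVkLW90aGVyLWtleS1mb3ItZXhhbXBsZQ=="
SALT = bytes(range(20))
KNOWN_HOSTS = "\n".join([
    "# constructed known_hosts for the example",
    "git.example.internal ssh-ed25519 " + PINNED_KEY,
    hashed_host_entry("gitlab.example.internal", SALT) + " ssh-ed25519 " + OTHER_KEY,
])

if __name__ == "__main__":
    for h, k in [("git.example.internal", PINNED_KEY), ("git.example.internal", OTHER_KEY),
                 ("gitlab.example.internal", OTHER_KEY), ("mirror.example.internal", PINNED_KEY)]:
        print(h, verify_host_key(KNOWN_HOSTS, h, "ssh-ed25519", k))
```

A clone can be held to such a pinned file with `GIT_SSH_COMMAND="ssh -o StrictHostKeyChecking=yes -o UserKnownHostsFile=/path/to/known_hosts"`, which makes git abort on an unknown or changed key instead of proceeding.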
Mitigation
Use only methods (such as HTTPS with TLS verification) that enable the identity of the remote repository to be validated.
Affected packages
| Platform | Package | Status | Advisory | Release date |
|---|---|---|---|---|
| Red Hat OpenShift Container Platform 3.6 | atomic-openshift | Out of support scope | | |
| Red Hat OpenShift Container Platform 3.7 | atomic-openshift | Out of support scope | | |
| Red Hat OpenShift Container Platform 3.10 | atomic-openshift | Fixed | RHSA-2019:2989 | 14.10.2019 |
| Red Hat OpenShift Container Platform 3.10 | cri-o | Fixed | RHSA-2019:2989 | 14.10.2019 |
| Red Hat OpenShift Container Platform 3.11 | atomic-openshift | Fixed | RHSA-2019:3143 | 18.10.2019 |
| Red Hat OpenShift Container Platform 3.9 | atomic-openshift | Fixed | RHSA-2019:3811 | 07.11.2019 |
| Red Hat OpenShift Container Platform 4.1 | openshift4/ose-docker-builder | Fixed | RHSA-2019:3007 | 16.10.2019 |
Additional information
CVSS3: 5.9 Medium
Related vulnerabilities
Vulnerability in the Red Hat OpenShift Container Platform enterprise platform that allows an attacker to redirect network traffic