Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2019-10165

Опубликовано: 07 июн. 2019
Источник: redhat
CVSS3: 2.3
EPSS Низкий

Описание

OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs for the Kubernetes API server and OpenShift API server. A user with sufficient privileges could recover OAuth tokens from these audit logs and use them to access other resources.

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-532
https://bugzilla.redhat.com/show_bug.cgi?id=1719092openshift: OAuth access tokens written in plaintext to API server audit logs

EPSS

Процентиль: 19%
0.00059
Низкий

2.3 Low

CVSS3

Связанные уязвимости

nvd логотип

CVE-2019-10165

CVSS3: 2.3
nvd
около 6 лет назад

OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs for the Kubernetes API server and OpenShift API server. A user with sufficient privileges could recover OAuth tokens from these audit logs and use them to access other resources.

github логотип

GHSA-252g-gw8q-x2cc

github
около 3 лет назад

OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs for the Kubernetes API server and OpenShift API server. A user with sufficient privileges could recover OAuth tokens from these audit logs and use them to access other resources.

EPSS

Процентиль: 19%
0.00059
Низкий

2.3 Low

CVSS3