CVE-2016-1906 – server: build config to a strategy that isn't allowed by policy
https://notcve.org/view.php?id=CVE-2016-1906
OpenShift allows remote attackers to gain privileges by updating a build configuration that was created with an allowed type to a type that is not allowed.
An authorization flaw was discovered in Kubernetes; the API server did not properly check user permissions when handling certain build-configuration strategies. A remote attacker could create build configurations with strategies that violate policy. Although the attacker could not launch the build themselves (launch fails when the policy is violated), if the build configuration files were later launched by other privileged services (such as automated triggers), user privileges could be bypassed, allowing attacker escalation.
• https://access.redhat.com/errata/RHSA-2016:0070
• https://access.redhat.com/errata/RHSA-2016:0351
• https://github.com/openshift/origin/issues/6556
• https://github.com/openshift/origin/pull/6576
• https://access.redhat.com/security/cve/CVE-2016-1906
• https://bugzilla.redhat.com/show_bug.cgi?id=1297916
• CWE-264: Permissions, Privileges, and Access Controls
• CWE-285: Improper Authorization
CVE-2016-1905 – server: patch operation should use patched object to check admission control
https://notcve.org/view.php?id=CVE-2016-1905
The API server in Kubernetes does not properly check admission control, which allows remote authenticated users to access additional resources via a crafted patched object.
An authorization flaw was discovered in Kubernetes; the API server did not properly check user permissions when handling certain requests. An authenticated remote attacker could use this flaw to gain additional access to resources such as RAM and disk space.
• https://access.redhat.com/errata/RHSA-2016:0070
• https://github.com/kubernetes/kubernetes/issues/19479
• https://access.redhat.com/security/cve/CVE-2016-1905
• https://bugzilla.redhat.com/show_bug.cgi?id=1297910
• CWE-284: Improper Access Control
• CWE-285: Improper Authorization
CVE-2015-7528 – OpenShift: pod log location must validate container if provided
https://notcve.org/view.php?id=CVE-2015-7528
Kubernetes before 1.2.0-alpha.5 allows remote attackers to read arbitrary pod logs via a container name.
It was found that OpenShift's API back end did not verify requests for pod log locations, allowing a pod on a Node to request logs for any other pod on that Node. A remote attacker could use this flaw to view sensitive information via pod logs that they would normally not have access to.
• http://rhn.redhat.com/errata/RHSA-2015-2615.html
• https://access.redhat.com/errata/RHSA-2015:2544
• https://github.com/kubernetes/kubernetes/pull/17886
• https://github.com/kubernetes/kubernetes/releases/tag/v1.2.0-alpha.5
• https://github.com/openshift/origin/pull/6113
• https://access.redhat.com/security/cve/CVE-2015-7528
• https://bugzilla.redhat.com/show_bug.cgi?id=1286745
• CWE-20: Improper Input Validation
• CWE-200: Exposure of Sensitive Information to an Unauthorized Actor