CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2149 – 3: logs from a deleted namespace can be revealed if a new namespace with the same name is created
https://notcve.org/view.php?id=CVE-2016-2149
Red Hat OpenShift Enterprise 3.2 allows remote authenticated users to read log files from another namespace by using the same name as a previously deleted namespace when creating a new namespace. Red Hat OpenShift Enterprise 3.2 permite a usuarios remotos autenticados leer archivos de registro de otro espacio de nombre utilizando el mismo nombre que un espacio de nombre que haya sido eliminado cuando se crea un nuevo espacio de nombre. It was found that OpenShift Enterprise would disclose log file contents from reclaimed namespaces. An attacker could create a new namespace to access log files present in a previously deleted namespace using the same name. • https://access.redhat.com/errata/RHSA-2016:1064 https://access.redhat.com/security/cve/CVE-2016-2149 https://bugzilla.redhat.com/show_bug.cgi?id=1316267 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-285: Improper Authorization •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-2142 – openshift: Bind password for AD account is stored in world readable file
https://notcve.org/view.php?id=CVE-2016-2142
Red Hat OpenShift Enterprise 3.1 uses world-readable permissions on the /etc/origin/master/master-config.yaml configuration file, which allows local users to obtain Active Directory credentials by reading the file. Red Hat OpenShift Enterprise 3.1 utiliza permisos de lectura para todos en el archivo de configuración /etc/origin/master/master-config.yaml, lo que permite a usuarios locales obtener credenciales del Active Directory leyendo el archivo. An access flaw was discovered in OpenShift; the /etc/origin/master/master-config.yaml configuration file, which could contain Active Directory credentials, was world-readable. A local user could exploit this flaw to obtain authentication credentials from the master-config.yaml file. • https://access.redhat.com/errata/RHSA-2016:1038 https://access.redhat.com/security/cve/CVE-2016-2142 https://bugzilla.redhat.com/show_bug.cgi?id=1311220 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.8EPSS: 0%CPEs: 3EXPL: 0CVE-2016-0791 – jenkins: Non-constant time comparison of CSRF crumbs (SECURITY-245)
https://notcve.org/view.php?id=CVE-2016-0791
Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify CSRF tokens, which makes it easier for remote attackers to bypass a CSRF protection mechanism via a brute-force approach. Jenkins en versiones anteriores a 1.650 y LTS en versiones anteriores a 1.642.2 no utiliza un algoritmo de tiempo constante para verificar tokens CSRF, lo que hace más fácil para atacantes remotos eludir el mecanismo de protección CSRF a través de una aproximación por fuerza bruta. • http://rhn.redhat.com/errata/RHSA-2016-1773.html https://access.redhat.com/errata/RHSA-2016:0711 https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24 https://access.redhat.com/security/cve/CVE-2016-0791 https://bugzilla.redhat.com/show_bug.cgi?id=1311949 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.0EPSS: 97%CPEs: 3EXPL: 4CVE-2016-0792 – Jenkins < 1.650 - Java Deserialization
https://notcve.org/view.php?id=CVE-2016-0792
Multiple unspecified API endpoints in Jenkins before 1.650 and LTS before 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and groovy.util.Expando. Múltiples terminales API no especificadas en Jenkins en versiones anteriores a 1.650 y LTS en versiones anteriores a 1.642.2 permiten a usuarios remotos autenticados ejecutar código arbitrario a través de datos serializados en un archivo XML, relacionado con XStream y groovy.util.Expando. Jenkins versions prior to 1.650 suffer from a java deserialization vulnerability. • https://www.exploit-db.com/exploits/42394 https://www.exploit-db.com/exploits/43375 https://github.com/Aviksaikat/CVE-2016-0792 http://rhn.redhat.com/errata/RHSA-2016-1773.html https://access.redhat.com/errata/RHSA-2016:0711 https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24 https://www.contrastsecurity.com/security-influencers/serialization-must-die-act-2-xstream https://access.redhat.com/security/cve/CVE-2016-0792 https://bugzilla.redhat.com/show_ • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2016-0790 – jenkins: Non-constant time comparison of API token (SECURITY-241)
https://notcve.org/view.php?id=CVE-2016-0790
Jenkins before 1.650 and LTS before 1.642.2 do not use a constant-time algorithm to verify API tokens, which makes it easier for remote attackers to determine API tokens via a brute-force approach. Jenkins en versiones anteriores a 1.650 y LTS en versiones anteriores a 1.642.2 no utiliza un algoritmo de tiempo constante para verificar tokens API, lo que hace más fácil para atacantes remotos determinar tokens API a través de una aproximación por fuerza bruta. • http://rhn.redhat.com/errata/RHSA-2016-1773.html https://access.redhat.com/errata/RHSA-2016:0711 https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2016-02-24 https://access.redhat.com/security/cve/CVE-2016-0790 https://bugzilla.redhat.com/show_bug.cgi?id=1311948 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-254: 7PK - Security Features •