CVE-2016-7075 – 3: API server does not validate client-provided intermediate certificates correctly

https://notcve.org/view.php?id=CVE-2016-7075

18 Oct 2016 — It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate. Se ha descubierto que Kubernetes, tal y como se emplea en Openshift Enterprise 3, no valida los campos de nombre del host del certificado intermediario de cliente X.509. Un atacante podría emplear este error para omitir los requisitos de autenticac... • https://access.redhat.com/errata/RHSA-2016:2064 • CWE-295: Improper Certificate Validation •