CVE-2018-1085 – openshift-ansible: Incorrectly quoted values in etcd.conf causes disabling of SSL client certificate authentication
https://notcve.org/view.php?id=CVE-2018-1085
15 Jun 2018 — openshift-ansible before versions 3.9.23 and 3.7.46 deploys a misconfigured etcd file that disables SSL client certificate authentication. Quotation marks around the values of ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH in etcd.conf result in etcd being configured to allow remote users to connect without any authentication if they can access the etcd server bound to the network on the master nodes. An attacker could use this flaw to read and modify all the data about the OpenShift cluster ... • https://access.redhat.com/errata/RHSA-2018:2013 • CWE-287: Improper Authentication • CWE-592: DEPRECATED: Authentication Bypass Issues
CVE-2018-1070 – Routing: Malicious Service configuration can bring down routing for an entire shard.
https://notcve.org/view.php?id=CVE-2018-1070
12 Jun 2018 — routing before version 3.10 is vulnerable to improper input validation of the OpenShift Routing configuration, which can cause an entire shard to be brought down. A malicious user can use this vulnerability to cause a Denial of Service attack for other users of the router shard. • https://access.redhat.com/errata/RHSA-2018:2013 • CWE-20: Improper Input Validation
CVE-2017-12195 – 3: authentication bypass for elasticsearch with external routes
https://notcve.org/view.php?id=CVE-2017-12195
28 Nov 2017 — A flaw was found in all OpenShift Enterprise versions using the openshift elasticsearch plugin. An attacker with knowledge of the given name used to authenticate and access Elasticsearch can later access it without the token, bypassing authentication. This attack also requires that Elasticsearch be configured with an external route, and the data accessed is limited to the indices. • https://access.redhat.com/errata/RHSA-2017:3188 • CWE-287: Improper Authentication • CWE-295: Improper Certificate Validation