CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1070 – Routing: Malicous Service configuration can bring down routing for an entire shard.
https://notcve.org/view.php?id=CVE-2018-1070
routing before version 3.10 is vulnerable to an improper input validation of the Openshift Routing configuration which can cause an entire shard to be brought down. A malicious user can use this vulnerability to cause a Denial of Service attack for other users of the router shard. routing en versiones anteriores a la 3.10 es vulnerable a una validación de entradas incorrecta de la configuración de Openshift Routing que puede permitir que una partición entera se caiga. Un usuario malicioso puede emplear esta vulnerabilidad para provocar un ataque de denegación de servicio (DoS) para otros usuarios de la partición del router. Improper input validation of the Openshift Routing configuration can cause an entire shard to be brought down. A malicious user can use this vulnerability to cause a Denial of Service attack for other users of the router shard. • https://access.redhat.com/errata/RHSA-2018:2013 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1070 https://access.redhat.com/security/cve/CVE-2018-1070 https://bugzilla.redhat.com/show_bug.cgi?id=1553035 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2017-12195 – 3: authentication bypass for elasticsearch with external routes
https://notcve.org/view.php?id=CVE-2017-12195
A flaw was found in all Openshift Enterprise versions using the openshift elasticsearch plugin. An attacker with knowledge of the given name used to authenticate and access Elasticsearch can later access it without the token, bypassing authentication. This attack also requires that the Elasticsearch be configured with an external route, and the data accessed is limited to the indices. Se ha encontrado un fallo en todas las versiones de Openshift Enterprise que utilizan el plugin openshift elasticsearch. Un atacante con conocimiento del nombre usado para autenticar y acceder a Elasticsearch puede acceder a él más tarde sin el token, evitando la autenticación. • https://access.redhat.com/errata/RHSA-2017:3188 https://access.redhat.com/errata/RHSA-2017:3389 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-12195 https://access.redhat.com/security/cve/CVE-2017-12195 https://bugzilla.redhat.com/show_bug.cgi?id=1501986 • CWE-287: Improper Authentication CWE-295: Improper Certificate Validation •
CVSS: 9.8EPSS: 2%CPEs: 16EXPL: 0CVE-2017-7481 – ansible: Security issue with lookup return not tainting the jinja2 environment
https://notcve.org/view.php?id=CVE-2017-7481
Ansible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated. Ansible en versiones anteriores a la 2.3.1.0 y 2.4.0.0 no marca correctamente los resultados del plugin lookup como no seguros. Si un atacante pudiese controlar los resultados de las llamadas lookup(), podrían inyectar cadenas Unicode para que sean analizadas por el sistema de plantillas jinja2, resultando en una ejecución de código. • http://www.securityfocus.com/bid/98492 https://access.redhat.com/errata/RHSA-2017:1244 https://access.redhat.com/errata/RHSA-2017:1334 https://access.redhat.com/errata/RHSA-2017:1476 https://access.redhat.com/errata/RHSA-2017:1499 https://access.redhat.com/errata/RHSA-2017:1599 https://access.redhat.com/errata/RHSA-2017:2524 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7481 https://github.com/ansible/ansible/commit/ed56f51f185a1ffd7ea57130d260098686fcc7c2 https://lists.deb • CWE-20: Improper Input Validation •