CVE-2020-8659 – envoy: Excessive CPU and/or memory usage when proxying HTTP/1.1
https://notcve.org/view.php?id=CVE-2020-8659
CNCF Envoy through 1.13.0 may consume excessive amounts of memory when proxying HTTP/1.1 requests or responses with many small (i.e. 1 byte) chunks. CNCF Envoy versiones hasta 1.13.0, puede consumir cantidades excesivas de memoria cuando se hace proxy a peticiones o respuestas HTTP/1.1 con muchos fragmentos pequeños (es decir, 1 byte). A resource consumption vulnerability was found in the servicemesh-proxy in Envoy. An attacker could send specially crafted small HTTP/1.1 packets that, when processed, could cause excessive amounts of memory to be used, possibly degrading or crashing the application. • https://access.redhat.com/errata/RHSA-2020:0734 https://github.com/envoyproxy/envoy/security/advisories/GHSA-jwcm-4pwp-c2qv https://lists.debian.org/debian-lts-announce/2022/05/msg00025.html https://www.envoyproxy.io/docs/envoy/v1.13.1/intro/version_history https://access.redhat.com/security/cve/CVE-2020-8659 https://bugzilla.redhat.com/show_bug.cgi?id=1802539 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2019-19346 – openshift/mariadb-apb: /etc/passwd is given incorrect privileges
https://notcve.org/view.php?id=CVE-2019-19346
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4 . An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. Se detectó una vulnerabilidad de modificación no segura en el archivo /etc/passwd en el contenedor openshift/mariadb-apb, que afecta a las versiones anteriores a las siguientes 4.3.5, 4.2.21, 4.1.37 y 3.11.188-4. Un atacante con acceso al contenedor podría utilizar este fallo para modificar el archivo /etc/passwd y escalar sus privilegios. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19346 https://access.redhat.com/security/cve/CVE-2019-19346 https://bugzilla.redhat.com/show_bug.cgi?id=1793289 https://access.redhat.com/articles/4859371 • CWE-266: Incorrect Privilege Assignment CWE-269: Improper Privilege Management •
CVE-2019-19348 – openshift/apb-base: /etc/passwd is given incorrect privileges
https://notcve.org/view.php?id=CVE-2019-19348
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/apb-base, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. Se detectó una vulnerabilidad de modificación no segura en el archivo /etc/passwd en el contenedor openshift/apb-base, que afecta a las versiones anteriores a las siguientes 4.3.5, 4.2.21, 4.1.37 y 3.11.188-4. Un atacante con acceso al contenedor podría utilizar este fallo para modificar el archivo /etc/passwd y escalar sus privilegios. • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19348 https://access.redhat.com/security/cve/CVE-2019-19348 https://bugzilla.redhat.com/show_bug.cgi?id=1793286 https://access.redhat.com/articles/4859371 • CWE-266: Incorrect Privilege Assignment CWE-269: Improper Privilege Management •
CVE-2020-8595 – istio: unauthorised access to JWT protected HTTP path
https://notcve.org/view.php?id=CVE-2020-8595
Istio versions 1.2.10 (End of Life) and prior, 1.3 through 1.3.7, and 1.4 through 1.4.3 allows authentication bypass. The Authentication Policy exact-path matching logic can allow unauthorized access to HTTP paths even if they are configured to be only accessed after presenting a valid JWT token. For example, an attacker can add a ? or # character to a URI that would otherwise satisfy an exact-path match. Las versiones Istio 1.2.10 (End of Life) y anteriores, 1.3 a 1.3.7, y 1.4 a 1.4.3 permiten la omisión de autenticación. • https://access.redhat.com/errata/RHSA-2020:0477 https://access.redhat.com/security/cve/cve-2020-8595 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-8595 https://github.com/istio/istio/commits/master https://istio.io/news/security https://istio.io/news/security/istio-security-2020-001 https://access.redhat.com/security/cve/CVE-2020-8595 https://bugzilla.redhat.com/show_bug.cgi?id=1798247 • CWE-285: Improper Authorization CWE-287: Improper Authentication •
CVE-2014-0234
https://notcve.org/view.php?id=CVE-2014-0234
The default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a password of "mooo" for a Mongo account, which allows remote attackers to hijack the broker by providing this password, related to the openshift.sh script in Openshift Extras before 20130920. NOTE: this may overlap CVE-2013-4253 and CVE-2013-4281. La configuración predeterminada de broker.conf en Red Hat OpenShift Enterprise versiones 2.x anteriores a 2.1, presenta una contraseña de "mooo" para una cuenta Mongo, lo que permite a atacantes remotos secuestrar el broker al proporcionar esta contraseña, relacionada con el script openshift.sh en Openshift Extras versiones anteriores a 20130920. NOTA: esto puede solaparse a CVE-2013-4253 y CVE-2013-4281. • http://openwall.com/lists/oss-security/2014/06/05/19 http://www.securityfocus.com/bid/67657 https://bugzilla.redhat.com/show_bug.cgi?id=1097008 https://github.com/openshift/openshift-extras/blob/master/README.md https://rhn.redhat.com/errata/RHSA-2014-0487.html • CWE-1188: Initialization of a Resource with an Insecure Default •