CVE-2016-7075
3: API server does not validate client-provided intermediate certificates correctly
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate.
Se ha descubierto que Kubernetes, tal y como se emplea en Openshift Enterprise 3, no valida los campos de nombre del host del certificado intermediario de cliente X.509. Un atacante podrÃa emplear este error para omitir los requisitos de autenticación mediante el uso de un certificado X.509 especialmente manipulado
It was found that Kubernetes did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-08-23 CVE Reserved
- 2016-10-18 CVE Published
- 2024-06-25 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-295: Improper Certificate Validation
CAPEC
References (5)
URL | Tag | Source |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7075 | Issue Tracking |
URL | Date | SRC |
---|---|---|
https://github.com/kubernetes/kubernetes/issues/34517 | 2024-08-06 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://access.redhat.com/errata/RHSA-2016:2064 | 2023-02-12 | |
https://access.redhat.com/security/cve/CVE-2016-7075 | 2016-10-17 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1384112 | 2016-10-17 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Kubernetes Search vendor "Kubernetes" | Kubernetes Search vendor "Kubernetes" for product "Kubernetes" | - | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Openshift Search vendor "Redhat" for product "Openshift" | 3.1 Search vendor "Redhat" for product "Openshift" and version "3.1" | enterprise |
Affected
| ||||||
Redhat Search vendor "Redhat" | Openshift Search vendor "Redhat" for product "Openshift" | 3.2 Search vendor "Redhat" for product "Openshift" and version "3.2" | enterprise |
Affected
| ||||||
Redhat Search vendor "Redhat" | Openshift Search vendor "Redhat" for product "Openshift" | 3.3 Search vendor "Redhat" for product "Openshift" and version "3.3" | enterprise |
Affected
|