CVE-2019-10213
openshift: Secret data written to pod logs when operator set at Debug level or higher
Public Exploits: 0
Exploited in Wild: -
Descriptions
OpenShift Container Platform, versions 4.1 and 4.2, does not sanitize secret data written to pod logs when the log level in a given operator is set to Debug or higher. A low privileged user could read pod logs to discover secret material if the log level has already been modified in an operator by a privileged user.
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory includes ose-cluster-authentication-operator-container, ose-cluster-config-operator-container, and ose-cluster-kube-apiserver-operator-container, which have been updated with a fix to address a secret disclosure issue.
Timeline
- 2019-03-27 CVE Reserved
- 2019-09-17 CVE Published
- 2024-08-04 CVE Updated
- 2025-04-06 EPSS Updated
CWE
- CWE-117: Improper Output Neutralization for Logs
- CWE-532: Insertion of Sensitive Information into Log File
References (5)
URL | Date | SRC |
---|---|---|
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10213 | 2023-02-12 | |
https://access.redhat.com/errata/RHSA-2019:4082 | 2023-02-12 | |
https://access.redhat.com/errata/RHSA-2019:4088 | 2023-02-12 | |
https://access.redhat.com/security/cve/CVE-2019-10213 | 2019-12-17 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1734615 | 2019-12-17 | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | | Vendor | Product | Version | Other | Status |
---|---|---|---|---|---|---|---|---|---|---|
Redhat | Openshift Container Platform | 4.1 | - | Affected | in | Redhat | Enterprise Linux | 7.0 | - | Safe |
Redhat | Openshift Container Platform | 4.2 | - | Affected | in | Redhat | Enterprise Linux | 7.0 | - | Safe |