Red Hat · Red Hat Openshift Enterprise · CVE-2016-5392
**Name of the Vulnerable Software and Affected Versions**
Red Hat OpenShift Enterprise version 3.2
**Description**
The issue allows remote authenticated users with knowledge of other project names to obtain sensitive project and user information in a multi-tenant environment. This is related to vectors involving the watch-cache list.
**Recommendations**
For Red Hat OpenShift Enterprise version 3.2, consider restricting access to the watch-cache list as a temporary workaround until a patch is available. Additionally, limit the visibility of project names to authorized users to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.