PT-2015-6805 · Red Hat · Red Hat Openshift Enterprise

Cesar Wong

Publicado

2015-08-24

Atualizado

2023-02-13

CVE-2015-5222

CVSS v2.0

8.5

Alta

Vetor

AV:N/AC:M/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Red Hat OpenShift Enterprise version 3.0.0.0

Description The issue allows remote authenticated users with build permissions to execute arbitrary shell commands with root permissions on arbitrary build pods.

Recommendations For Red Hat OpenShift Enterprise version 3.0.0.0, update the system to properly check permissions and prevent unauthorized access to build pods. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

CVE-2015-5222

RHSA-2015:1650

Produtos afetados

Red Hat Openshift Enterprise

PT-2015-6805 · Red Hat · Red Hat Openshift Enterprise

CVE-2015-5222

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 2