CVE-2015-8945

Name of the Vulnerable Software and Affected Versions OpenShift Origin versions 1.1.6 and earlier

Description The issue improperly stores router credentials as environment variables in the pod when the --credentials option is used. This allows local users to obtain sensitive private key information by reading the systemd journal.

Recommendations For OpenShift Origin versions 1.1.6 and earlier, consider removing the --credentials option to prevent the storage of router credentials as environment variables, or restrict access to the systemd journal to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.