PT-2018-10055 · Red Hat · Openshift Routing

Jason Shepherd

Publicado

2018-06-12

Atualizado

2019-10-09

CVE-2018-1070

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Openshift Routing versions prior to 3.10

Description The issue is related to improper input validation of the Openshift Routing configuration, which can cause an entire shard to be brought down. A malicious user can exploit this to cause a Denial of Service attack for other users of the router shard.

Recommendations For versions prior to 3.10, update to version 3.10 or later to resolve the issue.

Correção

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2018-1070

RHSA-2018:2013

Produtos afetados

Openshift Routing

PT-2018-10055 · Red Hat · Openshift Routing

CVE-2018-1070

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4