PT-2018-4981 · Linux Foundation+1 · Kubernetes+1

Liggitt · Published 2018-09-10 · Updated 2023-02-12 · CVE-2016-7075

CVSS v3.1: 8.1 (High)

Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Openshift Enterprise 3

Description

A flaw was found in the validation of X.509 client intermediate certificate host name fields in Kubernetes as used by Openshift Enterprise. This could allow an attacker to bypass authentication requirements using a specially crafted X.509 certificate.

Recommendations

For Openshift Enterprise 3, update the Kubernetes component to correctly validate X.509 client intermediate certificate host name fields. As a temporary workaround, consider restricting access to sensitive resources that rely on X.509 certificate authentication until a patch is available.

Exploit

Fix

Improper Certificate Validation

Weakness Enumeration

Related Identifiers

CVE-2016-7075
RHSA-2016:2064

Affected Products

Kubernetes
Openshift Enterprise