PT-2018-5038 · Red Hat · Openshift Enterprise

Jordan Liggitt

Publicado

2018-07-31

Atualizado

2023-02-12

CVE-2016-8631

CVSS v3.1

7.7

Alta

Vetor

AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions OpenShift Enterprise 3 (affected versions not specified)

Description The issue arises from the OpenShift Enterprise 3 router's failure to properly sort routes when processing new additions. This allows an attacker with route creation access to potentially overwrite existing routes, thereby redirecting network traffic intended for other users to their own site.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-20

Identificadores relacionados

CVE-2016-8631

RHSA-2016:2696

Produtos afetados

Openshift Enterprise

PT-2018-5038 · Red Hat · Openshift Enterprise

CVE-2016-8631

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5