PT-2019-11637 · Red Hat · Openshift Container Platform

Sam Fowler · Published 2019-11-25 · Updated 2023-02-12 · CVE-2019-10213

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: OpenShift Container Platform versions 4.1 and 4.2
Description: The issue allows a low-privileged user to read pod logs and discover secret material if the log level in an operator has been set to Debug or higher by a privileged user. This occurs because secret data written to pod logs is not sanitized.
Recommendations: For OpenShift Container Platform versions 4.1 and 4.2, consider restricting access to pod logs to prevent unauthorized users from reading sensitive information. As a temporary workaround, avoid setting the log level to Debug or higher in operators unless necessary, and ensure that only trusted users have the privilege to modify log levels.

Fix

Insertion into Log File

Weakness Enumeration

Related Identifiers

CVE-2019-10213

Affected Products

Openshift Container Platform