Jordan Liggitt

**Name of the Vulnerable Software and Affected Versions** OpenShift Enterprise 3 (affected versions not specified) **Description** The issue arises from the OpenShift Enterprise 3 router's failure to properly sort routes when processing new additions. This allows an attacker with route creation access to potentially overwrite existing routes, thereby redirecting network traffic intended for other users to their own site. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Red Hat OpenShift Enterprise versions 3.1 through 3.2 **Description** The issue arises from improper validation of the origin of a request when anonymous access is granted to a service/proxy or pod/proxy API for a specific pod. This allows remote attackers to access API credentials in the web browser localStorage via an access token in the query parameter. **Recommendations** For Red Hat OpenShift Enterprise versions 3.1 through 3.2, consider restricting anonymous access to service/proxy or pod/proxy APIs to minimize the risk of exploitation. As a temporary workaround, restrict access to the localStorage and ensure proper validation of request origins to prevent unauthorized access to API credentials.

**Name of the Vulnerable Software and Affected Versions** Kubernetes versions prior to 1.2.0-alpha.5 **Description** The issue allows remote attackers to read arbitrary pod logs via a container name. This is related to a lack of protection for service data in the Kubernetes cluster management tool and the OpenShift cloud platform. **Recommendations** For versions prior to 1.2.0-alpha.5, update to version 1.2.0-alpha.5 or later to resolve the issue. As a temporary workaround, consider restricting access to pod logs to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Kubernetes versions prior to the fixed version Red Hat OpenShift Enterprise version 3.0 **Description** A directory traversal issue exists due to improper handling of crafted object type names before they are passed to etcd. This allows attackers to write to arbitrary files, exploiting the vulnerability. The issue arises from the lack of validation of object names. **Recommendations** For Kubernetes versions prior to the fixed version, consider restricting access to etcd to minimize the risk of exploitation. For Red Hat OpenShift Enterprise version 3.0, update to a version that includes the fix for this issue. As a temporary workaround, consider validating object type names before passing them to etcd to prevent directory traversal attacks.