PT-2012-6063 · Red Hat · Openshift
Calfonso · Published 2012-12-18 · Updated 2023-02-13 · CVE-2012-5622
CVSS v2.0: 6.8 (Medium)
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions
OpenShift version 0.0.5
Description
A cross-site request forgery (CSRF) issue exists in the management console, specifically in the application_controller.rb file. It allows remote attackers to hijack the authentication of arbitrary users.
Recommendations
For OpenShift version 0.0.5, update to a version that includes a fix for this issue to prevent CSRF attacks.
Fix
CSRF
Affected Products
Openshift