PT-2016-4063 · Red Hat · Openshift Origin
Maxamillion
·
Published
2016-08-05
·
Updated
2016-08-05
·
CVE-2015-8945
CVSS v2.0
1.9
Low
| Vector | AV:L/AC:M/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
OpenShift Origin versions 1.1.6 and earlier
Description
The issue improperly stores router credentials as environment variables in the pod when the --credentials option is used. This allows local users to obtain sensitive private key information by reading the systemd journal.
Recommendations
For OpenShift Origin versions 1.1.6 and earlier, consider removing the --credentials option to prevent the storage of router credentials as environment variables, or restrict access to the systemd journal to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Openshift Origin