PT-2016-5029 · Red Hat · Red Hat Openshift Enterprise
Published
2016-06-08
·
Updated
2023-02-13
·
CVE-2016-2149
CVSS v3.1
6.5
Medium
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Red Hat OpenShift Enterprise version 3.2
Description
The issue allows remote authenticated users to read log files from another namespace. This can be achieved by creating a new namespace with the same name as a previously deleted namespace.
Recommendations
For Red Hat OpenShift Enterprise version 3.2, update to a version that includes a fix for this issue to prevent unauthorized access to log files.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Red Hat Openshift Enterprise