PT-2016-5671 · Red Hat+1 · Openshift Origin+2

Published: 2016-06-08 · Updated: 2023-02-12 · CVE-2016-3711

CVSS v3.1: 3.3 (Low)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

HAproxy in Red Hat OpenShift Enterprise version 3.2
HAproxy in OpenShift Origin version 3.2

Description

The issue allows local users to obtain the internal IP address of a pod by reading the OPENSHIFT_[namespace]_SERVERID cookie.

Recommendations

For HAproxy in Red Hat OpenShift Enterprise version 3.2, restrict access to the OPENSHIFT_[namespace]_SERVERID cookie to minimize the risk of exploitation.
For HAproxy in OpenShift Origin version 3.2, consider implementing additional security measures to protect the OPENSHIFT_[namespace]_SERVERID cookie from unauthorized access.

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

CVE-2016-3711
RHSA-2016:1064

Affected Products

Haproxy
Openshift Origin
Red Hat Openshift Enterprise