PT-2016-5687 · Red Hat+1 · Red Hat Openshift Enterprise+1
Published
2016-06-08
·
Updated
2023-02-12
·
CVE-2016-3738
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Red Hat OpenShift Enterprise version 3.2
Description
The issue is related to improper access restriction to STI builds, allowing remote authenticated users to access the Docker socket and gain privileges. This is achieved through vectors related to build-pod.
Recommendations
For Red Hat OpenShift Enterprise version 3.2, consider restricting access to the Docker socket as a temporary workaround until a patch is available. Additionally, review and restrict build-pod related vectors to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Docker
Red Hat Openshift Enterprise