CVE-2019-19335

Name of the Vulnerable Software and Affected Versions OpenShift versions 4.2

Description The issue arises during the installation of an OpenShift 4 cluster, where the openshift-install command line tool creates an auth directory. This directory contains kubeconfig and kubeadmin-password files, which hold credentials for authenticating to the OpenShift API server. However, these files are incorrectly assigned word-readable permissions, potentially exposing the credentials.

Recommendations For OpenShift version 4.2, ensure the kubeconfig and kubeadmin-password files have appropriate permissions to prevent unauthorized access. Consider restricting access to these files until a proper fix is applied. At the moment, there is no information about a newer version that contains a fix for this vulnerability.