Lucene search

[email protected]CVE-2015-5222

HistoryAug 24, 2015 - 2:59 p.m.

CVE-2015-5222

2015-08-2414:59:07

CWE-264

[email protected]

web.nvd.nist.gov

red hat

openshift enterprise

cve-2015-5222

nvd

security vulnerability

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

50.7%

JSON

Red Hat OpenShift Enterprise 3.0.0.0 does not properly check permissions, which allows remote authenticated users with build permissions to execute arbitrary shell commands with root permissions on arbitrary build pods via unspecified vectors.

Affected configurations

NVD

Node

redhatopenshiftMatch3.0.0.0enterprise

CPENameOperatorVersion
redhat:openshiftredhat openshifteq3.0.0.0

CPE	Name	Operator	Version
redhat:openshift	redhat openshift	eq	3.0.0.0

References

access.redhat.com/errata/RHSA-2015:1650

8.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:S/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

50.7%

JSON

Related for CVE-2015-5222

veracode1 cvelist1 nvd1 nessus1 prion1 redhat1