Lucene search

[email protected]CVE-2016-3711

HistoryJun 08, 2016 - 5:59 p.m.

CVE-2016-3711

2016-06-0817:59:00

CWE-200

[email protected]

web.nvd.nist.gov

cve-2016-3711

haproxy

red hat openshift

nvd

security vulnerability

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

4.2 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

HAproxy in Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allows local users to obtain the internal IP address of a pod by reading the “OPENSHIFT_[namespace]_SERVERID” cookie.

CPENameOperatorVersion
redhat:openshiftredhat openshifteq3.2
redhat:openshift_originredhat openshift origineq-

CPE	Name	Operator	Version
redhat:openshift	redhat openshift	eq	3.2
redhat:openshift_origin	redhat openshift origin	eq	-

References

access.redhat.com/errata/RHSA-2016:1064

github.com/openshift/origin/pull/8334

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

4.2 Medium

AI Score

Confidence

High

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

5.2%

JSON

Related for CVE-2016-3711

ubuntucve1 prion1 veracode1 cvelist1 redhat1 nessus1