OpenShift Enterprise by Red Hat is the company’s cloud computing
Platform-as-a-Service (PaaS) solution designed for on-premise or private
cloud deployments.
It was discovered that openshift-origin-broker configured several default
user names and passwords for services if no user name or password was
specified during installation. A remote attacker could use these default
user names and passwords to access various parts of the OpenShift
Enterprise installation with the privileges of an administrative user.
(CVE-2014-0234)
This issue was discovered by Kurt Seifried of the Red Hat Security
Response Team.
The OpenShift Enterprise 2.1 Release Notes provide information about new
features and notable technical changes in this release, as well as notes on
initial installations. For more information about OpenShift Enterprise,
see the documentation available at:
https://access.redhat.com/site/documentation/en-US/OpenShift_Enterprise/2/
All OpenShift Enterprise users are advised to upgrade to release 2.1.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | 6 | noarch | rubygem-net-scp | < 1.1.2-2.el6op | rubygem-net-scp-1.1.2-2.el6op.noarch.rpm |
RedHat | 6 | x86_64 | gd-debuginfo | < 2.0.35-11.el6 | gd-debuginfo-2.0.35-11.el6.x86_64.rpm |
RedHat | 6 | noarch | rubygem-spruz | < 0.2.5-4.el6op | rubygem-spruz-0.2.5-4.el6op.noarch.rpm |
RedHat | 6 | noarch | perl-dbix-contextualfetch | < 1.03-7.el6op | perl-DBIx-ContextualFetch-1.03-7.el6op.noarch.rpm |
RedHat | 6 | src | perl-app-cpanminus | < 1.4008-1.el6op | perl-App-cpanminus-1.4008-1.el6op.src.rpm |
RedHat | 6 | src | openshift-origin-cartridge-php | < 1.23.3.4-1.el6op | openshift-origin-cartridge-php-1.23.3.4-1.el6op.src.rpm |
RedHat | 6 | src | php-pear-mdb2 | < 2.5.0-0.3.b3.el6op | php-pear-MDB2-2.5.0-0.3.b3.el6op.src.rpm |
RedHat | 6 | x86_64 | ruby193-ruby-selinux-debuginfo | < 2.0.94-3.el6op | ruby193-ruby-selinux-debuginfo-2.0.94-3.el6op.x86_64.rpm |
RedHat | 6 | x86_64 | libwebp-devel | < 0.3.0-2.el6op | libwebp-devel-0.3.0-2.el6op.x86_64.rpm |
RedHat | 6 | src | rubygem-passenger | < 3.0.21-9.el6op | rubygem-passenger-3.0.21-9.el6op.src.rpm |