Red Hat OpenShift Enterprise is a cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.
An improper permission check issue was discovered in the server admission control component in OpenShift. A user with build permissions could use this flaw to execute arbitrary shell commands on a build pod with the privileges of the root user. (CVE-2015-5222)
This issue was discovered by Cesar Wong of the Red Hat OpenShift Enterprise Team.
All OpenShift Enterprise users are advised to upgrade to these updated packages, which correct this issue.