5 matches found
Information Disclosure
openshift is vulnerable to information disclosure attacks. The vulnerability exists as Red Hat OpenShift Enterprise before 2.2 allows local users to obtain IP address and port number information for remote systems by reading /proc/net/tcp...
Moderate: Red Hat Security Advisory: Red Hat OpenShift Enterprise 2.1.9 security, bug fix, and enhancement update
Red Hat OpenShift Enterprise release 2.1.9, which fixes two security issues, several bugs, and add one enhancement, is now available. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severi...
OpenShift: /proc/net/tcp information disclosure
It was found that OpenShift Enterprise did not restrict access to the /proc/net/tcp file in gears, which allowed local users to view all listening connections and connected sockets. This could result in remote system's IP or port numbers in use to be exposed, which may be useful for further...
CVE-2014-3602
Red Hat OpenShift Enterprise before 2.2 allows local users to obtain IP address and port number information for remote systems by reading /proc/net/tcp...
PT-2014-5414 · Red Hat · Red Hat Openshift Enterprise
Name of the Vulnerable Software and Affected Versions: Red Hat OpenShift Enterprise versions prior to 2.2 Description: The issue allows local users to obtain IP address and port number information for remote systems by reading /proc/net/tcp. Recommendations: For versions prior to 2.2, restrict...