CVE-2012-5622

Cross-site request forgery CSRF vulnerability in the management console openshift-console/app/controllers/applicationcontroller.rb in OpenShift 0.0.5 allows remote attackers to hijack the authentication of arbitrary users via unspecified vectors...

CVE-2012-5622

OpenShift CSRF in the management console (openshift-console/app/controllers/application_controller.rb) of OpenShift 0.0.5 allows an attacker to hijack user sessions. The issue is confirmed across multiple sources (RHSA-2012:1555, Veracode summary, CVE-2012-5622). Root cause: improper CSRF protect...

openshift-console: CSRF attack

Cross-site request forgery CSRF vulnerability in the management console openshift-console/app/controllers/applicationcontroller.rb in OpenShift 0.0.5 allows remote attackers to hijack the authentication of arbitrary users via unspecified vectors...

Important: Red Hat Security Advisory: openshift-console security update

An updated openshift-console package that fixes one security issue is now available for OpenShift Enterprise. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

Scientific Linux Security Update : selinux-policy enhancement update on SL5.x, SL6.x i386/x86_64 (20121119)

This update adds the following enhancements : - An SELinux policy for openshift packages has been added This update has been placed in the security tree to avoid selinux related problems. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux...