5 matches found
CVE-2021-20198
A flaw was found in the OpenShift Installer. During installation of OpenShift Container Platform 4 clusters, bootstrap nodes are provisioned with anonymous authentication enabled on kubelet port 10250. A remote attacker able to reach this port during installation can make unauthenticated /exec...
Design/Logic Flaw
A flaw was found in the OpenShift Installer before version v0.9.0-master.0.20210125200451-95101da940b0. During installation of OpenShift Container Platform 4 clusters, bootstrap nodes are provisioned with anonymous authentication enabled on kubelet port 10250. A remote attacker able to reach this...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.5.31 bug fix and security update
Red Hat OpenShift Container Platform release 4.5.31 is now available with updates to packages and images that fix several bugs. This release also includes a security update for Red Hat OpenShift Container Platform 4.5. Red Hat Product Security has rated this update as having a security impact of...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.6.16 security and bug fix update
Red Hat OpenShift Container Platform release 4.6.16 is now available with updates to packages and images that fix several bugs. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...
Sybil Attacks
github.com/nebulouslabs/sia is vulnerable to sybil attacks. The attacks can be easily triggered because it does not prevent multiple connections from the same IP address. When bootstrap nodes are "full" i.e., 128 connections, it does not accept any new peers without disconnecting its current peer...