Cross site request forgery (csrf)

A flaw was found in OpenShift Container Platform, versions 3.11 and later, in which the CSRF tokens used in the cluster console component were found to remain static during a user's session. An attacker with the ability to observe the value of this token would be able to re-use the token to perfo...

PT-2019-11606 · Red Hat · Openshift Container Platform

Name of the Vulnerable Software and Affected Versions: OpenShift Container Platform versions 3.11 and later Description: A flaw was found in the cluster console component where the CSRF tokens remain static during a user's session. An attacker able to observe the value of this token could re-use ...

CVE-2019-10176

A flaw was found in OpenShift Container Platform, versions 3.11 and later, in which the CSRF tokens used in the cluster console component were found to remain static during a user's session. An attacker with the ability to observe the value of this token would be able to re-use the token to perfo...