20 matches found
EUVD-2021-2318
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-3917
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the coreos-installer, where it writes the Ignition config to the target system with world-readable access permissions. This flaw allows a...
Linux Distros Unpatched Vulnerability : CVE-2022-1706
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. This issue is only...
GO-2022-0451 Ignition config accessible to unprivileged software on VMware in github.com/coreos/ignition
Ignition config accessible to unprivileged software on VMware in github.com/coreos/ignition...
GHSA-HJ57-J5CW-2MWP Ignition config accessible to unprivileged software on VMware
Impact: Unprivileged software in VMware VMs, including software running in unprivileged containers, can retrieve an Ignition config stored in a hypervisor guestinfo variable or OVF environment. If the Ignition config contains secrets, this can result in the compromise of sensitive information...
Ignition config accessible to unprivileged software on VMware
Impact: Unprivileged software in VMware VMs, including software running in unprivileged containers, can retrieve an Ignition config stored in a hypervisor guestinfo variable or OVF environment. If the Ignition config contains secrets, this can result in the compromise of sensitive information...
CVE-2022-1706
A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. This issue is only relevant in user environments where the Ignition config contains secrets. The highest threat from this vulnerability is to data...
Design/Logic Flaw
A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. This issue is only relevant in user environments where the Ignition config contains secrets. The highest threat from this vulnerability is to data...
CVE-2021-20238
It was found in OpenShift Container Platform 4 that ignition config, served by the Machine Config Server, can be accessed externally from clusters without authentication. The MCS endpoint port 22623 provides ignition configuration used for bootstrapping Nodes and can include some sensitive data,...
Design/Logic Flaw
It was found in OpenShift Container Platform 4 that ignition config, served by the Machine Config Server, can be accessed externally from clusters without authentication. The MCS endpoint port 22623 provides ignition configuration used for bootstrapping Nodes and can include some sensitive data,...
CVE-2021-20238
It was found in OpenShift Container Platform 4 that ignition config, served by the Machine Config Server, can be accessed externally from clusters without authentication. The MCS endpoint port 22623 provides ignition configuration used for bootstrapping Nodes and can include some sensitive data,...
CVE-2021-20238
CVE-2021-20238 affects OpenShift Container Platform 4 where the ignition config served by the Machine Config Server can be accessed externally (port 22623, the MCS endpoint) without authentication. This exposes ignition data used to bootstrap nodes (e.g., registry pull secrets) in two scenarios: ...
Red Hat OpenShift Container Platform Access Control Error Vulnerability
Red Hat OpenShift Container Platform is a suite of application platforms from Red Hat, Inc. that enable organizations to develop, deploy, and manage existing container-based applications across physical, virtual, and public cloud infrastructures. An access control error vulnerability exists in...
PT-2022-9172 · Red Hat · Openshift Container Platform 4
Name of the Vulnerable Software and Affected Versions: OpenShift Container Platform 4 (affected versions not specified). Description: It was found that ignition config, served by the Machine Config Server, can be accessed externally from clusters without authentication. The MCS endpoint port 22623...
coreos-installer: restrict access permissions on /boot/ignition{,/config.ign}
A flaw was found in the coreos-installer, where it writes the Ignition config to the target system with world-readable access permissions. This flaw allows a local attacker to have read access to potentially sensitive data. The highest threat from this vulnerability is to confidentiality...
coreos-installer < 0.10.0 writes world-readable Ignition config to installed system
Impact: On systems installed with coreos-installer before 0.10.0, the user-provided Ignition config was written to /boot/ignition/config.ign with world-readable permissions, granting unprivileged users access to any secrets included in the config. Default configurations of Fedora CoreOS and RHEL...
GHSA-862G-9H5M-M3QV coreos-installer < 0.10.0 writes world-readable Ignition config to installed system
Impact: On systems installed with coreos-installer before 0.10.0, the user-provided Ignition config was written to /boot/ignition/config.ign with world-readable permissions, granting unprivileged users access to any secrets included in the config. Default configurations of Fedora CoreOS and RHEL...
PT-2021-22427 · Unknown · Coreos-Installer
Name of the Vulnerable Software and Affected Versions: coreos-installer versions prior to 0.10.0. Description: A flaw was found in the coreos-installer, where it writes the Ignition config to the target system with world-readable access permissions. This flaw allows a local attacker to have read...
coreos-installer: restrict access permissions on /boot/ignition{,/config.ign}
A flaw was found in the coreos-installer, where it writes the Ignition config to the target system with world-readable access permissions. This flaw allows a local attacker to have read access to potentially sensitive data. The highest threat from this vulnerability is to confidentiality...
CVE-2021-20238
It was found in OpenShift Container Platform 4 that ignition config, served by the Machine Config Server, can be accessed externally from clusters without authentication. The MCS endpoint port 22623 provides ignition configuration used for bootstrapping Nodes and can include some sensitive data,...