18 matches found
RHCOS 3 : OpenShift Container Platform 3.11 (RHSA-2020:3541)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3541 advisory. - jenkins-jira-plugin: plugin information disclosure (CVE-2019-16541) - openshift-ansible: cors allowed origin allows changing url...
Man-in-the-Middle (MitM)
openshift-ansible is vulnerable to Man-in-the-Middle (MitM). cors allowed origin allows changing url protocol...
openshift-ansible: cors allowed origin allows changing url protocol
A flaw was found in openshift-ansible. OpenShift Container Platform (OCP) 3.11 is too permissive in the way it specified CORS allowed origins during installation. An attacker, able to man-in-the-middle the connection between the user's browser and the openshift console, could use this flaw to perfo...
CVE-2020-1741
A flaw was found in openshift-ansible. OpenShift Container Platform (OCP) 3.11 is too permissive in the way it specified CORS allowed origins during installation. An attacker, able to man-in-the-middle the connection between the user's browser and the openshift console, could use this flaw to perfo...
CVE-2020-1741
A flaw was found in openshift-ansible. OpenShift Container Platform (OCP) 3.11 is too permissive in the way it specified CORS allowed origins during installation. An attacker, able to man-in-the-middle the connection between the user's browser and the openshift console, could use this flaw to perfo...
Design/Logic Flaw
A flaw was found in openshift-ansible. OpenShift Container Platform (OCP) 3.11 is too permissive in the way it specified CORS allowed origins during installation. An attacker, able to man-in-the-middle the connection between the user's browser and the openshift console, could use this flaw to perfo...
CVE-2020-1741
CVE-2020-1741 affects OpenShift Container Platform 3.11 via openshift-ansible, where CORS allowed origins are configured too permissively during installation. This enables a MITM between a user’s browser and the OpenShift console to facilitate phishing, with confidentiality as the main risk. Publ...
CVE-2019-19355
An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/ansible-operator-container as...
Design/Logic Flaw
An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/ansible-operator-container as...
CVE-2019-19350
An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ansible-service-broker. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges...
Authorization Bypass
openshift-ansible is vulnerable to authorization bypass. The vulnerability exists as dockergc service account incorrectly associated with namespace during upgrade...
Information Disclosure
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.51. See the following advisory for the container...
Remote Code Execution (RCE)
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.51. See the following advisory for the container...
Cross-Site Scripting (XSS)
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.51. See the following advisory for the container...
RHEL 7 : OpenShift Container Platform 3.9 (RHSA-2018:2013)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2013 advisory. Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private...
RHEL 7 : ansible and openshift-ansible (RHSA-2017:1244)
An update for ansible and openshift-ansible is now available for Red Hat OpenShift Container Platform 3.2, Red Hat OpenShift Container Platform 3.3, Red Hat OpenShift Container Platform 3.4, and Red Hat OpenShift Container Platform 3.5. Red Hat Product Security has rated this update as having a...
Red Hat openshift-ansible SSL Client Certificate Authentication Vulnerability
Red Hat OpenShift is a Platform-as-a-Service (PaaS) cloud computing platform from Red Hat, Inc. that builds, tests, deploys, and runs applications. openshift-ansible is one of the tools for installing, upgrading, and managing OpenShift. A security vulnerability exists in Red Hat openshift-ansible...
CVE-2018-1085
CVE-2018-1085 affects openshift-ansible deployments: OpenShift Ansible before 3.9.23 and 3.7.46 deploys etcd with a misconfigured etcd.conf where ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH values are quoted, causing SSL client certificate authentication to be disabled. This en...