Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
RedhatOpenshift

3 matches found

CVE
CVEadded 2022/09/01 9:15 p.m.1983 views

CVE-2022-2403

A credentials leak was found in the OpenShift Container Platform. The private key for the external cluster certificate was stored incorrectly in the oauth-serving-cert ConfigMaps, and accessible to any authenticated OpenShift user or service-account. A malicious user could exploit this flaw by read...

6.5CVSS6.3AI score0.00672EPSS
CVE
CVEadded 2022/09/01 9:15 p.m.131 views

CVE-2022-1677

In OpenShift Container Platform, a user with permissions to create or modify Routes can craft a payload that inserts a malformed entry into one of the cluster router's HAProxy configuration files. This malformed entry can match any arbitrary hostname, or all hostnames in the cluster, and direct tra...

6.3CVSS6.2AI score0.00098EPSS
CVE
CVEadded 2022/09/01 9:15 p.m.82 views

CVE-2022-1632

An Improper Certificate Validation attack was found in Openshift. A re-encrypt Route with destinationCACertificate explicitly set to the default serviceCA skips internal Service TLS certificate validation. This flaw allows an attacker to exploit an invalid certificate, resulting in a loss of confid...

6.5CVSS6.3AI score0.00129EPSS