Lucene search
Veracode Vulnerability DatabaseVERACODE:10721HistoryJan 15, 2019 - 8:51 a.m.
Cross-site Request Forgery
2019-01-1508:51:16
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
EPSS
0.002
Percentile
59.6%
OpenShift is susceptible to Cross-Site Request Forgery (CSRF) attacks. It has a flaw in management console( openshift console/app/controllers/application_controller.rb), allowing the attacker to steal the authenticated user session.
References
osvdb.org/88333
rhn.redhat.com/errata/RHSA-2012-1555.html
access.redhat.com/errata/RHSA-2012:1555
access.redhat.com/security/cve/CVE-2012-5622
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=883227
github.com/openshift/origin-server/commit/1ad0d1d792395306b59a34ad7b6e7e89a35d041e
github.com/openshift/origin-server/pull/1009
rhn.redhat.com/errata/RHSA-2012-1555.html
Related
redhat
redhat
(RHSA-2012:1555) Important: openshift-console security update
2012-12-10 00:00:00
cvelist
cvelist
CVE-2012-5622
2012-12-18 01:00:00
cve
cve
CVE-2012-5622
2012-12-18 01:55:07
nessus
nessus
RHEL 6 : openshift-console (RHSA-2012:1555)
2018-12-06 00:00:00
nvd
nvd
CVE-2012-5622
2012-12-18 01:55:07
prion
prion
Cross site request forgery (csrf)
2012-12-18 01:55:00