Remote Code Execution (RCE)

🗓️ 15 Jan 2019 08:54:05Reported by Veracode Vulnerability DatabaseType

veracode

veracode🔗 sca.analysiscenter.veracode.com👁 22 Views

Vulnerability in rubygem-openshift-origin-node allows remote code execution with root privileges

Reporter	Title	Published	Views	Family All 21
CVE	CVE-2014-3496	20 Jun 201414:00	–	cve
Cvelist	CVE-2014-3496	20 Jun 201414:00	–	cvelist
EUVD	EUVD-2014-3501	7 Oct 202500:30	–	euvd
NVD	CVE-2014-3496	20 Jun 201414:55	–	nvd
OSV	RHSA-2014:0762 Red Hat Security Advisory: rubygem-openshift-origin-node security update	13 Sep 202408:53	–	osv
OSV	RHSA-2014:0763 Red Hat Security Advisory: rubygem-openshift-origin-node security update	13 Sep 202408:53	–	osv
OSV	RHSA-2014:0764 Red Hat Security Advisory: rubygem-openshift-origin-node security update	13 Sep 202408:53	–	osv
Prion	Design/Logic Flaw	20 Jun 201414:55	–	prion
Positive Technologies	PT-2014-5359 · Red Hat · Openshift Origin +1	20 Jun 201400:00	–	ptsecurity
Tenable Nessus	RHEL 6 : rubygem-openshift-origin-node (RHSA-2014:0762)	4 Dec 201800:00	–	nessus

Vulners

Node

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.9.14.3_1.el6op

OR

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.0.13_1.el6op

OR

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.0.11_1.el6op

OR

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.9.13_1.2.el6op

OR

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.9.14.1_1.el6op

OR

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.9.14.5_1.el6op

OR

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.0.7_1.el6op

OR

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.0.10_6.el6op

OR

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.9.14.6_1.el6op

OR

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.9.14.7_1.el6op

OR

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.17.5.6_1.el6op

OR

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.17.5_2.el6op

OR

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.17.5.16_1.el6op

OR

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.17.5.12_1.el6op

OR

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.17.5.4_1.el6op

OR

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.17.5.11_1.el6op

OR

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.17.5.15_1.el6op

OR

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.23.9.4_1.el6op

OR

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.23.9.3_1.el6op

OR

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.23.9.8_1.el6op

OR

rubygem-openshift-origin-container-selinux rubygem-openshift-origin-container-selinuxMatch0.4.1.2_1.el6op

OR

rubygem-openshift-origin-container-selinux rubygem-openshift-origin-container-selinuxMatch0.4.1_2.el6op

OR

rubygem-openshift-origin-container-selinux rubygem-openshift-origin-container-selinuxMatch0.8.1.1_1.el6op

OR

rubygem-openshift-origin-container-selinux rubygem-openshift-origin-container-selinuxMatch0.4.1.3_1.el6op

Source	Link
secunia	www.secunia.com/advisories/59298
access	www.access.redhat.com/security/updates/classification/
rhn	www.rhn.redhat.com/errata/RHSA-2014-0762.html
access	www.access.redhat.com/errata/RHSA-2014:0762
access	www.access.redhat.com/errata/RHSA-2014:0763
access	www.access.redhat.com/errata/RHSA-2014:0764
access	www.access.redhat.com/security/cve/CVE-2014-3496
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
github	www.github.com/openshift/origin-server/pull/5521
rhn	www.rhn.redhat.com/errata/RHSA-2014-0762.html

13 Feb 2023 01:51Current

7.3High risk

Vulners AI Score7.3

CVSS 210

EPSS0.05407

remote code execution vulnerability rubygem-openshift-origin-node root privileges web interface remote attacker arbitrary code