Arbitrary File Overwrite

🗓️ 02 May 2019 04:52:24Reported by Veracode Vulnerability DatabaseType

veracode🔗 sca.analysiscenter.veracode.com👁 33 Views

Arbitrary File Overwrite in Red Hat OpenShift Enterprise due to multiple security issues including retrieving cryptographic key, sensitive information exposure, and web interface flaws

Reporter	Title	Published	Views	Family All 139
IBM Security Bulletins	Security Bulletin: IBM Security Network Intrusion Prevention System can be affected by vulnerabilities in Ruby on Rails (CVE-2012-2660, CVE-2012-2694, CVE-2013-0156, CVE-2012-6496, CVE-2012-3424, and CVE-2012-2695)	25 Jan 202120:13	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM Aspera Console	25 Sep 202516:50	–	ibm
ATTACKERKB	CVE-2013-0158	24 Feb 201322:55	–	attackerkb
ATTACKERKB	CVE-2013-0164	24 Feb 201322:55	–	attackerkb
Circl	CVE-2013-0158	22 Aug 201315:03	–	circl
CVE	CVE-2012-5658	24 Feb 201322:00	–	cve
CVE	CVE-2012-6072	24 Feb 201322:00	–	cve
CVE	CVE-2012-6073	24 Feb 201322:00	–	cve
CVE	CVE-2012-6074	24 Feb 201322:00	–	cve
CVE	CVE-2012-6496	4 Jan 201302:00	–	cve

Vulners

Node

redhat openshift-origin-node-utilMatch1.0.5_1.el6op

redhat openshift-origin-node-utilMatch1.0.5_3.el6op

rubygem-openshift-origin-node rubygem-openshift-origin-nodeMatch1.0.7_1.el6op

openshift-origin-broker openshift-origin-brokerMatch1.0.1_1.el6op

openshift-origin-broker openshift-origin-brokerMatch1.0.2_1.el6

openshift-origin-cartridge-ruby-1.9-scl openshift-origin-cartridge-ruby-1.9-sclMatch1.0.3_1.el6op

openshift-origin-cartridge-ruby-1.8 openshift-origin-cartridge-ruby-1.8Match1.0.4_1.el6op

openshift-origin-msg-node-mcollective openshift-origin-msg-node-mcollectiveMatch1.0.1_1.el6op

openshift-origin-cartridge-haproxy-1.4 openshift-origin-cartridge-haproxy-1.4Match1.0.2_1.el6op

mongodb mongodbMatch1.6.4_4.el6

mongodb mongodbMatch2.0.2_2.el6op

mongodb mongodbMatch1.8.2_4.el6

mongodb mongodbMatch1.6.4_3.el6_0

mongodb mongodbMatch1.8.2_2.el6

openshift-console openshift-consoleMatch0.0.5_1.el6op

openshift-console openshift-consoleMatch0.0.5_3.el6

ruby193-rubygem-activerecord ruby193-rubygem-activerecordMatch3.2.8_1.el6

rubygem-activerecord rubygem-activerecordMatch3.0.10_6.el6cf

rubygem-activerecord rubygem-activerecordMatch3.0.13_2.el6op

rubygem-activerecord rubygem-activerecordMatch3.0.10_2.el6

rubygem-activerecord rubygem-activerecordMatch3.0.10_3.el6

rubygem-activerecord rubygem-activerecordMatch3.0.10_8.el6cf

rubygem-openshift-origin-auth-remote-user rubygem-openshift-origin-auth-remote-userMatch1.0.3_1.el6op

rubygem-openshift-origin-common rubygem-openshift-origin-commonMatch1.0.1_2.el6op

ruby193-rubygem-passenger ruby193-rubygem-passengerMatch3.0.12_18.el6op

rubygem-openshift-origin-msg-broker-mcollective rubygem-openshift-origin-msg-broker-mcollectiveMatch1.0.2_1.el6op

rubygem-openshift-origin-console rubygem-openshift-origin-consoleMatch1.0.3_1.el6op

openshift-origin-port-proxy openshift-origin-port-proxyMatch1.0.1_1.el6op

rubygem-openshift-origin-dns-bind rubygem-openshift-origin-dns-bindMatch1.0.1_1.el6op

rubygem-openshift-origin-controller rubygem-openshift-origin-controllerMatch1.0.7_1.el6op

openshift-origin-broker-util openshift-origin-broker-utilMatch1.0.5_1.el6op

Source	Link
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
access	www.access.redhat.com/knowledge/docs/
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
bugzilla	www.bugzilla.redhat.com/show_bug.cgi

13 Feb 2023 07:19Current

6.7Medium risk

Vulners AI Score6.7

CVSS 27.5

EPSS0.01017