0.0004 Low
EPSS
Percentile
5.1%
github.com/openshift/origin is vulnerable to information disclosure. The HAproxy allows puts the internal IP address of a pod into the OPENSHIFT_[namespace]_SERVERID cookie, allowing local users to obtain this information.
OPENSHIFT_[namespace]_SERVERID
access.redhat.com/errata/RHSA-2016:1064
access.redhat.com/security/cve/CVE-2016-3711
bugzilla.redhat.com/show_bug.cgi?id=1318796
bugzilla.redhat.com/show_bug.cgi?id=1322718
github.com/openshift/origin/pull/8334