Lucene search
HistoryFeb 24, 2013 - 10:55 p.m.
CVE-2013-0164
nvd
cve-2013-0164
information security
red hat openshift origin
symlink attack
temporary file
3.6 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
6.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
The lockwrap function in port-proxy/bin/openshift-port-proxy-cfg in Red Hat OpenShift Origin before 1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.
Affected configurations
Node
redhatopenshiftRange≤1.0-enterprise
ORredhatopenshift_originMatch1.0.5
| CPE | Name | Operator | Version |
|---|---|---|---|
| redhat:openshift | redhat openshift | le | 1.0 |
| redhat:openshift_origin | redhat openshift origin | eq | 1.0.5 |
Related
prion
prion
Code injection
2013-02-24 22:55:00
cvelist
cvelist
CVE-2013-0164
2013-02-24 22:00:00
nvd
nvd
CVE-2013-0164
2013-02-24 22:55:01
veracode
veracode
Open Redirect
2019-05-02 04:52:21
Information Disclosure
2019-05-02 04:52:23
Arbitrary File Overwrite
2019-05-02 04:52:24
nessus
nessus
RHEL 6 : openshift (RHSA-2013:0220)
2018-12-06 00:00:00
redhat
redhat
(RHSA-2013:0220) Important: Red Hat OpenShift Enterprise 1.1 update
2013-01-31 00:00:00
3.6 Low
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:P/A:P
6.2 Medium
AI Score
Confidence
Low
0.0004 Low
EPSS
Percentile
5.1%
Related for CVE-2013-0164