Lucene search
HistoryNov 13, 2014 - 9:32 p.m.
CVE-2014-3674
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.004
Percentile
74.5%
Red Hat OpenShift Enterprise before 2.2 does not properly restrict access to gears, which allows remote attackers to access the network resources of arbitrary gears via unspecified vectors.
Affected configurations
Node
redhatopenshiftRange≤2.1.8enterprise
ORredhatopenshiftMatch2.0
ORredhatopenshiftMatch2.0.1enterprise
ORredhatopenshiftMatch2.0.2enterprise
ORredhatopenshiftMatch2.0.3enterprise
ORredhatopenshiftMatch2.0.4enterprise
ORredhatopenshiftMatch2.0.5enterprise
ORredhatopenshiftMatch2.0.6enterprise
ORredhatopenshiftMatch2.1enterprise
ORredhatopenshiftMatch2.1.1enterprise
ORredhatopenshiftMatch2.1.2enterprise
ORredhatopenshiftMatch2.1.3enterprise
ORredhatopenshiftMatch2.1.4enterprise
ORredhatopenshiftMatch2.1.5enterprise
ORredhatopenshiftMatch2.1.6enterprise
ORredhatopenshiftMatch2.1.7enterprise
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | openshift | * | cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:* |
| redhat | openshift | 2.0 | cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:* |
| redhat | openshift | 2.0.1 | cpe:2.3:a:redhat:openshift:2.0.1:*:enterprise:*:*:*:*:* |
| redhat | openshift | 2.0.2 | cpe:2.3:a:redhat:openshift:2.0.2:*:enterprise:*:*:*:*:* |
| redhat | openshift | 2.0.3 | cpe:2.3:a:redhat:openshift:2.0.3:*:enterprise:*:*:*:*:* |
| redhat | openshift | 2.0.4 | cpe:2.3:a:redhat:openshift:2.0.4:*:enterprise:*:*:*:*:* |
| redhat | openshift | 2.0.5 | cpe:2.3:a:redhat:openshift:2.0.5:*:enterprise:*:*:*:*:* |
| redhat | openshift | 2.0.6 | cpe:2.3:a:redhat:openshift:2.0.6:*:*:*:enterprise:*:*:* |
| redhat | openshift | 2.1 | cpe:2.3:a:redhat:openshift:2.1:*:*:*:enterprise:*:*:* |
| redhat | openshift | 2.1.1 | cpe:2.3:a:redhat:openshift:2.1.1:*:*:*:enterprise:*:*:* |
Related
cvelist
cvelist
CVE-2014-3674
2014-11-13 15:00:00
prion
prion
Code injection
2014-11-13 21:32:00
cve
cve
CVE-2014-3674
2014-11-13 21:32:03
redhat
redhat
nessus
nessus
RHEL 6 : openshift (RHSA-2014:1796)
2018-12-06 00:00:00
RHEL 6 : Red Hat OpenShift Enterprise 2.1.9 (RHSA-2014:1906)
2018-12-04 00:00:00
veracode
veracode
Information Disclosure
2019-05-02 05:04:35
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.7
Confidence
Low
EPSS
0.004
Percentile
74.5%
Related for NVD:CVE-2014-3674