Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2015:2544
HistoryDec 03, 2015 - 5:37 p.m.

(RHSA-2015:2544) Moderate: openshift security update

2015-12-0317:37:27
access.redhat.com
11

0.005 Low

EPSS

Percentile

76.5%

JSON

OpenShift Enterprise by Red Hat is the company’s cloud computing
Platform-as-a-Service (PaaS) solution designed for on-premise or
private cloud deployments.

It was found that OpenShift’s API back end did not verify requests for
pod log locations, allowing a pod on a Node to request logs for any
other pod on that Node. A remote attacker could use this flaw to view
sensitive information via pod logs that they would normally not have
access to. (CVE-2015-7528)

This issue was discovered by Jordan Liggitt of Red Hat Atomic OpenShift.

All OpenShift Enterprise 3.0 and 3.1 users are advised to upgrade to
these updated packages, which correct this issue.

OSVersionArchitecturePackageVersionFilename
RedHat7x86_64openshift< 3.0.2.0-0.git.38.7576bc5.el7oseopenshift-3.0.2.0-0.git.38.7576bc5.el7ose.x86_64.rpm
RedHat7x86_64openshift-clients< 3.0.2.0-0.git.38.7576bc5.el7oseopenshift-clients-3.0.2.0-0.git.38.7576bc5.el7ose.x86_64.rpm
RedHat7x86_64tuned-profiles-atomic-openshift-node< 3.1.0.4-1.git.15.5e061c3.el7aostuned-profiles-atomic-openshift-node-3.1.0.4-1.git.15.5e061c3.el7aos.x86_64.rpm
RedHat7x86_64openshift-master< 3.0.2.0-0.git.38.7576bc5.el7oseopenshift-master-3.0.2.0-0.git.38.7576bc5.el7ose.x86_64.rpm
RedHat7x86_64atomic-openshift-clients< 3.1.0.4-1.git.15.5e061c3.el7aosatomic-openshift-clients-3.1.0.4-1.git.15.5e061c3.el7aos.x86_64.rpm
RedHat7x86_64atomic-openshift-sdn-ovs< 3.1.0.4-1.git.15.5e061c3.el7aosatomic-openshift-sdn-ovs-3.1.0.4-1.git.15.5e061c3.el7aos.x86_64.rpm
RedHat7x86_64openshift-sdn-ovs< 3.0.2.0-0.git.38.7576bc5.el7oseopenshift-sdn-ovs-3.0.2.0-0.git.38.7576bc5.el7ose.x86_64.rpm
RedHat7x86_64atomic-openshift-dockerregistry< 3.1.0.4-1.git.15.5e061c3.el7aosatomic-openshift-dockerregistry-3.1.0.4-1.git.15.5e061c3.el7aos.x86_64.rpm
RedHat7x86_64tuned-profiles-openshift-node< 3.0.2.0-0.git.38.7576bc5.el7osetuned-profiles-openshift-node-3.0.2.0-0.git.38.7576bc5.el7ose.x86_64.rpm
RedHat7x86_64atomic-openshift-clients-redistributable< 3.1.0.4-1.git.15.5e061c3.el7aosatomic-openshift-clients-redistributable-3.1.0.4-1.git.15.5e061c3.el7aos.x86_64.rpm
Rows per page:
1-10 of 181

Related

osv 1
prion 1
debiancve 1
veracode 2
github 1
nessus 1
redhat 1
cvelist 1
nvd 1
cve 1
osv
osv
Information Exposure in Kubernetes
2022-04-12 22:40:14
prion
prion
Code injection
2016-04-11 21:59:00
debiancve
debiancve
CVE-2015-7528
2016-04-11 21:59:09
veracode
veracode
Arbitrary Log Read
2017-05-03 07:54:35
Arbitrary Log Read
2019-01-15 09:08:56
github
github
Information Exposure in Kubernetes
2022-04-12 22:40:14
nessus
nessus
RHEL 7 : openshift (RHSA-2015:2544)
2018-12-04 00:00:00
redhat
redhat
(RHSA-2015:2615) Moderate: openshift security update
2015-12-10 20:18:31
cvelist
cvelist
CVE-2015-7528
2016-04-11 21:00:00
nvd
nvd
CVE-2015-7528
2016-04-11 21:59:09
cve
cve
CVE-2015-7528
2016-04-11 21:59:09

0.005 Low

EPSS

Percentile

76.5%

JSON
Related for RHSA-2015:2544
osv1prion1debiancve1veracode2github1nessus1redhat1cvelist1nvd1cve1