Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2016:1038
HistoryMay 11, 2016 - 1:22 p.m.

(RHSA-2016:1038) Moderate: openshift security update

2016-05-1113:22:20
access.redhat.com
10

0.0004 Low

EPSS

Percentile

5.1%

JSON

OpenShift Enterprise by Red Hat is the company’s cloud computing
Platform-as-a-Service (PaaS) solution designed for on-premise or
private cloud deployments.

An access flaw was discovered in OpenShift; the
/etc/origin/master/master-config.yaml configuration file, which could
contain Active Directory credentials, was world-readable. A local user
could exploit this flaw to obtain authentication credentials from the
master-config.yaml file. (CVE-2016-2142)

If you believe that the password in this file has been viewed by an
attacker you should reset the password after installing this update.

All installations with Active Directory integration are advised to upgrade
to the updated software, which contains a backported patch to correct this
issue.

This update includes the following images:

openshift3/ose:v3.1.1.6-19
openshift3/ose-deployer:v3.1.1.6-18
openshift3/ose-docker-builder:v3.1.1.6-17
openshift3/ose-f5-router:v3.1.1.6-18
openshift3/ose-sti-builder:v3.1.1.6-17
openshift3/node:v3.1.1.6-18
aep3_beta/aep-deployer:v3.1.1.6-18
aep3_beta/aep-f5-router:v3.1.1.6-18
aep3_beta/aep:v3.1.1.6-19
aep3_beta/node:v3.1.1.6-18

OSVersionArchitecturePackageVersionFilename
RedHat7x86_64atomic-openshift-node< 3.1.1.6-6.git.43.f583589.el7aosatomic-openshift-node-3.1.1.6-6.git.43.f583589.el7aos.x86_64.rpm
RedHat7x86_64atomic-openshift< 3.1.1.6-6.git.43.f583589.el7aosatomic-openshift-3.1.1.6-6.git.43.f583589.el7aos.x86_64.rpm
RedHat7x86_64atomic-openshift-master< 3.1.1.6-6.git.43.f583589.el7aosatomic-openshift-master-3.1.1.6-6.git.43.f583589.el7aos.x86_64.rpm
RedHat7x86_64atomic-openshift-clients< 3.1.1.6-6.git.43.f583589.el7aosatomic-openshift-clients-3.1.1.6-6.git.43.f583589.el7aos.x86_64.rpm
RedHat7x86_64atomic-openshift-pod< 3.1.1.6-6.git.43.f583589.el7aosatomic-openshift-pod-3.1.1.6-6.git.43.f583589.el7aos.x86_64.rpm
RedHat7x86_64atomic-openshift-dockerregistry< 3.1.1.6-6.git.43.f583589.el7aosatomic-openshift-dockerregistry-3.1.1.6-6.git.43.f583589.el7aos.x86_64.rpm
RedHat7x86_64tuned-profiles-atomic-openshift-node< 3.1.1.6-6.git.43.f583589.el7aostuned-profiles-atomic-openshift-node-3.1.1.6-6.git.43.f583589.el7aos.x86_64.rpm
RedHat7x86_64atomic-openshift-clients-redistributable< 3.1.1.6-6.git.43.f583589.el7aosatomic-openshift-clients-redistributable-3.1.1.6-6.git.43.f583589.el7aos.x86_64.rpm
RedHat7srcatomic-openshift< 3.1.1.6-6.git.43.f583589.el7aosatomic-openshift-3.1.1.6-6.git.43.f583589.el7aos.src.rpm
RedHat7x86_64atomic-openshift-sdn-ovs< 3.1.1.6-6.git.43.f583589.el7aosatomic-openshift-sdn-ovs-3.1.1.6-6.git.43.f583589.el7aos.x86_64.rpm
Rows per page:
1-10 of 111

Related

cve 1
veracode 1
nessus 1
nvd 1
cvelist 1
prion 1
cve
cve
CVE-2016-2142
2016-06-08 17:59:00
veracode
veracode
Information Disclosure
2019-01-15 09:11:35
nessus
nessus
RHEL 7 : openshift (RHSA-2016:1038)
2018-12-04 00:00:00
nvd
nvd
CVE-2016-2142
2016-06-08 17:59:00
cvelist
cvelist
CVE-2016-2142
2016-06-08 17:00:00
prion
prion
Design/Logic Flaw
2016-06-08 17:59:00

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for RHSA-2016:1038
cve1veracode1nessus1nvd1cvelist1prion1