(RHSA-2019:1851) Moderate: OpenShift Container Platform 3.11 security update

2019-07-2420:51:13

access.redhat.com

160

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

0.006 Low

EPSS

Percentile

77.9%

JSON

Red Hat OpenShift Container Platform is Red Hat’s cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.

Security Fix(es):

web-console: XSS in OAuth server /oauth/token/request endpoint
(CVE-2019-3876)
jenkins-plugin-token-macro: XML External Entity processing the ${XML}
macro (CVE-2019-10337)
kube-apiserver: DoS with crafted patch of type json-patch
(CVE-2019-1002100)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7x86_64atomic-openshift-master< 3.11.129-1.git.0.bd4f2d5.el7atomic-openshift-master-3.11.129-1.git.0.bd4f2d5.el7.x86_64.rpm
RedHat7ppc64leatomic-openshift-node< 3.11.129-1.git.0.bd4f2d5.el7atomic-openshift-node-3.11.129-1.git.0.bd4f2d5.el7.ppc64le.rpm
RedHat7noarchatomic-openshift-excluder< 3.11.129-1.git.0.bd4f2d5.el7atomic-openshift-excluder-3.11.129-1.git.0.bd4f2d5.el7.noarch.rpm
RedHat7x86_64atomic-openshift-clients< 3.11.129-1.git.0.bd4f2d5.el7atomic-openshift-clients-3.11.129-1.git.0.bd4f2d5.el7.x86_64.rpm
RedHat7x86_64atomic-openshift-pod< 3.11.129-1.git.0.bd4f2d5.el7atomic-openshift-pod-3.11.129-1.git.0.bd4f2d5.el7.x86_64.rpm
RedHat7ppc64leatomic-openshift-hypershift< 3.11.129-1.git.0.bd4f2d5.el7atomic-openshift-hypershift-3.11.129-1.git.0.bd4f2d5.el7.ppc64le.rpm
RedHat7x86_64atomic-openshift-sdn-ovs< 3.11.129-1.git.0.bd4f2d5.el7atomic-openshift-sdn-ovs-3.11.129-1.git.0.bd4f2d5.el7.x86_64.rpm
RedHat7ppc64leatomic-openshift< 3.11.129-1.git.0.bd4f2d5.el7atomic-openshift-3.11.129-1.git.0.bd4f2d5.el7.ppc64le.rpm
RedHat7ppc64leatomic-openshift-clients< 3.11.129-1.git.0.bd4f2d5.el7atomic-openshift-clients-3.11.129-1.git.0.bd4f2d5.el7.ppc64le.rpm
RedHat7ppc64leatomic-openshift-sdn-ovs< 3.11.129-1.git.0.bd4f2d5.el7atomic-openshift-sdn-ovs-3.11.129-1.git.0.bd4f2d5.el7.ppc64le.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	x86_64	atomic-openshift-master	< 3.11.129-1.git.0.bd4f2d5.el7	atomic-openshift-master-3.11.129-1.git.0.bd4f2d5.el7.x86_64.rpm
RedHat	7	ppc64le	atomic-openshift-node	< 3.11.129-1.git.0.bd4f2d5.el7	atomic-openshift-node-3.11.129-1.git.0.bd4f2d5.el7.ppc64le.rpm
RedHat	7	noarch	atomic-openshift-excluder	< 3.11.129-1.git.0.bd4f2d5.el7	atomic-openshift-excluder-3.11.129-1.git.0.bd4f2d5.el7.noarch.rpm
RedHat	7	x86_64	atomic-openshift-clients	< 3.11.129-1.git.0.bd4f2d5.el7	atomic-openshift-clients-3.11.129-1.git.0.bd4f2d5.el7.x86_64.rpm
RedHat	7	x86_64	atomic-openshift-pod	< 3.11.129-1.git.0.bd4f2d5.el7	atomic-openshift-pod-3.11.129-1.git.0.bd4f2d5.el7.x86_64.rpm
RedHat	7	ppc64le	atomic-openshift-hypershift	< 3.11.129-1.git.0.bd4f2d5.el7	atomic-openshift-hypershift-3.11.129-1.git.0.bd4f2d5.el7.ppc64le.rpm
RedHat	7	x86_64	atomic-openshift-sdn-ovs	< 3.11.129-1.git.0.bd4f2d5.el7	atomic-openshift-sdn-ovs-3.11.129-1.git.0.bd4f2d5.el7.x86_64.rpm
RedHat	7	ppc64le	atomic-openshift	< 3.11.129-1.git.0.bd4f2d5.el7	atomic-openshift-3.11.129-1.git.0.bd4f2d5.el7.ppc64le.rpm
RedHat	7	ppc64le	atomic-openshift-clients	< 3.11.129-1.git.0.bd4f2d5.el7	atomic-openshift-clients-3.11.129-1.git.0.bd4f2d5.el7.ppc64le.rpm
RedHat	7	ppc64le	atomic-openshift-sdn-ovs	< 3.11.129-1.git.0.bd4f2d5.el7	atomic-openshift-sdn-ovs-3.11.129-1.git.0.bd4f2d5.el7.ppc64le.rpm