Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2019-10150
HistoryApr 09, 2020 - 12:23 p.m.

CVE-2019-10150

2020-04-0912:23:59
redhat.com
access.redhat.com
20

0.008 Low

EPSS

Percentile

82.2%

JSON

It was found that OpenShift Container Platform does not perform SSH Host Key checking when using ssh key authentication during builds. An attacker, with the ability to redirect network traffic, could use this to alter the resulting build output.

Mitigation

Use only methods (such as HTTPS with TLS verification) that enable the identity of the remote repository to be validated.

Related

cve 1
osv 1
prion 1
nessus 3
redhat 4
cvelist 1
veracode 1
nvd 1
cve
cve
CVE-2019-10150
2019-06-12 14:29:02
osv
osv
CVE-2019-10150
2019-06-12 14:29:02
prion
prion
Authentication flaw
2019-06-12 14:29:00
nessus
nessus
RHEL 7 : OpenShift Container Platform 3.11 atomic-openshift (RHSA-2019:3143)
2019-10-18 00:00:00
RHEL 7 : OpenShift Container Platform 3.10 atomic-openshift kube-apiserver (RHSA-2019:2989)
2019-10-15 00:00:00
RHEL 7 : OpenShift Container Platform 3.9 atomic-openshift (RHSA-2019:3811)
2019-11-08 00:00:00
redhat
redhat
(RHSA-2019:3143) Moderate: OpenShift Container Platform 3.11 atomic-openshift security update
2019-10-18 01:30:34
(RHSA-2019:3007) Moderate: OpenShift Container Platform 4.1.20 openshift-enterprise-builder-container security update
2019-10-16 17:38:00
(RHSA-2019:2989) Moderate: OpenShift Container Platform 3.10 atomic-openshift kube-apiserver security update
2019-10-14 08:32:55
cvelist
cvelist
CVE-2019-10150
2019-06-12 13:42:36
veracode
veracode
Man-in-the-Middle (MitM)
2019-07-18 08:17:03
nvd
nvd
CVE-2019-10150
2019-06-12 14:29:02

0.008 Low

EPSS

Percentile

82.2%

JSON
Related for RH:CVE-2019-10150
cve1osv1prion1nessus3redhat4cvelist1veracode1nvd1