openshift is vulnerable to information disclosure attacks. The vulnerability exists as Red Hat OpenShift Enterprise before 2.2 allows local users to obtain IP address and port number information for remote systems by reading /proc/net/tcp.
rhn.redhat.com/errata/RHSA-2014-1796.html
rhn.redhat.com/errata/RHSA-2014-1906.html
access.redhat.com/errata/RHSA-2014:1796
access.redhat.com/errata/RHSA-2014:1906
access.redhat.com/security/cve/CVE-2014-3602
access.redhat.com/security/updates/classification/#moderate
access.redhat.com/site/documentation/en-US/OpenShift_Enterprise/2/
bugzilla.redhat.com/show_bug.cgi?id=1004479
bugzilla.redhat.com/show_bug.cgi?id=1093192
bugzilla.redhat.com/show_bug.cgi?id=1100102
bugzilla.redhat.com/show_bug.cgi?id=1121195
bugzilla.redhat.com/show_bug.cgi?id=1123850
bugzilla.redhat.com/show_bug.cgi?id=1130347
bugzilla.redhat.com/show_bug.cgi?id=1131167
bugzilla.redhat.com/show_bug.cgi?id=1131190
bugzilla.redhat.com/show_bug.cgi?id=1131680
bugzilla.redhat.com/show_bug.cgi?id=1133075
bugzilla.redhat.com/show_bug.cgi?id=1134139
bugzilla.redhat.com/show_bug.cgi?id=1140289
bugzilla.redhat.com/show_bug.cgi?id=1144057
bugzilla.redhat.com/show_bug.cgi?id=1144940
bugzilla.redhat.com/show_bug.cgi?id=1145810
bugzilla.redhat.com/show_bug.cgi?id=1145877
bugzilla.redhat.com/show_bug.cgi?id=1146224
bugzilla.redhat.com/show_bug.cgi?id=1148192
bugzilla.redhat.com/show_bug.cgi?id=1150971
bugzilla.redhat.com/show_bug.cgi?id=1151244
bugzilla.redhat.com/show_bug.cgi?id=1152698
bugzilla.redhat.com/show_bug.cgi?id=1152699
bugzilla.redhat.com/show_bug.cgi?id=1152700
bugzilla.redhat.com/show_bug.cgi?id=1153750
bugzilla.redhat.com/show_bug.cgi?id=1154026
bugzilla.redhat.com/show_bug.cgi?id=1154471
bugzilla.redhat.com/show_bug.cgi?id=1156200
bugzilla.redhat.com/show_bug.cgi?id=1156613
rhn.redhat.com/errata/RHSA-2014-1796.html