CVE-2012-5646

CWE-20Improper Input ValidationCWE-78OS Command Injection5 documents5 sources
Severity
7.5HIGH
EPSS
0.9%
top 23.85%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Redhat Openshift OriginRedhat Openshift
Timeline
PublishedFeb 24
Latest updateMay 17

Description

node-util/www/html/restorer.php in the Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to execute arbitrary commands via a crafted uuid in the PATH_INFO.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

🔴Vulnerability Details

2
GHSA
GHSA-pqmr-2w8v-x3jr: node-util/www/html/restorer2022-05-17
CVEList
CVE-2012-5646: node-util/www/html/restorer2013-02-24

📋Vendor Advisories

1
Red Hat
openshift-origin-node-util: restorer.php preg_match shell code injection2013-01-08

💬Community

1
Bugzilla
CVE-2012-5646 openshift-origin-node-util: restorer.php preg_match shell code injection2012-12-18
CVE-2012-5646 (HIGH CVSS 7.5) | node-util/www/html/restorer.php in | cvebase.io