CVE-2015-5274Command Injection in Redhat Openshift

CWE-77Command InjectionCWE-20Improper Input Validation5 documents5 sources
Severity
6.5MEDIUMNVD
EPSS
0.6%
top 29.86%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Openshift
Timeline
PublishedSep 18
Latest updateMay 17

Description

rubygem-openshift-origin-console in Red Hat OpenShift 2.2 allows remote authenticated users to execute arbitrary commands via a crafted request to the Broker.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 8.0 | Impact: 6.4

Affected Packages1 packages

🔴Vulnerability Details

2
GHSA
GHSA-3fcg-qm7h-hhpw: rubygem-openshift-origin-console in Red Hat OpenShift 22022-05-17
CVEList
CVE-2015-5274: rubygem-openshift-origin-console in Red Hat OpenShift 22015-09-18

📋Vendor Advisories

1
Red Hat
2.2: API command injection vulnerability2015-09-16

💬Community

1
Bugzilla
CVE-2015-5274 OpenShift 2.2: API command injection vulnerability2015-09-12
CVE-2015-5274 — Command Injection in Redhat Openshift | cvebase