CVE-2015-7561
published 2017-08-07CVE-2015-7561: Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image.
PriorityP413low3.1CVSS 3.0
AVNACHPRLUINSUCLINAN
EPSS
1.17%
63.6th percentile
Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| k8s.io | kubernetes | >= 0 < 1.2.0-alpha.6 | 1.2.0-alpha.6 |
| redhat | openshift | — | — |
CVSS provenance
nvdv3.03.1LOWCVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
nvdv2.03.5LOWAV:N/AC:M/Au:S/C:P/I:N/A:N
vendor_redhat3.1LOW
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Kubernetes in OpenShift3 Access Control Misconfiguration in k8s.io/kubernetes
osv·2024-08-20
CVE-2015-7561 Kubernetes in OpenShift3 Access Control Misconfiguration in k8s.io/kubernetes
Kubernetes in OpenShift3 Access Control Misconfiguration in k8s.io/kubernetes
Kubernetes in OpenShift3 Access Control Misconfiguration in k8s.io/kubernetes
GHSA
Kubernetes in OpenShift3 Access Control Misconfiguration
ghsa·2022-05-13
CVE-2015-7561 [LOW] Kubernetes in OpenShift3 Access Control Misconfiguration
Kubernetes in OpenShift3 Access Control Misconfiguration
Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image.
OSV
Kubernetes in OpenShift3 Access Control Misconfiguration
osv·2022-05-13
CVE-2015-7561 [LOW] Kubernetes in OpenShift3 Access Control Misconfiguration
Kubernetes in OpenShift3 Access Control Misconfiguration
Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image.
Red Hat
OpenShift3: Private Docker images can be used by any user, once they are pulled to a node
vendor_redhat·2015-12-15·CVSS 3.1
CVE-2015-7561 [LOW] CWE-862 OpenShift3: Private Docker images can be used by any user, once they are pulled to a node
OpenShift3: Private Docker images can be used by any user, once they are pulled to a node
Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image.
Package: openshift (Red Hat OpenShift Enterprise 3) - Affected
No detection rules found.
No public exploits indexed.
2017-08-07
Published