CVE-2016-3711: Sensitive Information Exposure in Red Hat OpenShift

Severity
3.3 LOW (NVD)
EPSS
0.0%
top 85.28%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
Published Jun 8

Description

HAproxy in Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allows local users to obtain the internal IP address of a pod by reading the "OPENSHIFT_[namespace]_SERVERID" cookie.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Exploitability: 1.8 | Impact: 1.4

Affected Packages: 1 package

Patches

🔴Vulnerability Details

1
CVEList
CVE-2016-3711: HAproxy in Red Hat OpenShift Enterprise 3 (2016-06-08)

📋Vendor Advisories

1
Red Hat
haproxy: Setting cookie containing internal IP address of a pod (2016-03-17)

💬Community

1
Bugzilla
CVE-2016-3711 haproxy: Setting cookie containing internal IP address of a pod (2016-03-31)