CVE-2017-12195Improper Authentication in RED HAT Openshift

CWE-287Improper AuthenticationCWE-295Improper Certificate Validation5 documents5 sources
Severity
4.8MEDIUMNVD
CNA6.5
EPSS
0.2%
top 58.09%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
RED HAT OpenshiftRedhat Openshift Container Platform
Timeline
PublishedJul 27
Latest updateMay 13

Description

A flaw was found in all Openshift Enterprise versions using the openshift elasticsearch plugin. An attacker with knowledge of the given name used to authenticate and access Elasticsearch can later access it without the token, bypassing authentication. This attack also requires that the Elasticsearch be configured with an external route, and the data accessed is limited to the indices.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:NExploitability: 2.2 | Impact: 2.5

Affected Packages1 packages

CVEListV5red_hat/openshiftall

Also affects: Openshift Container Platform 3.4, 3.5, 3.6, 3.7

🔴Vulnerability Details

2
GHSA
GHSA-f727-j88g-p3m8: A flaw was found in all Openshift Enterprise versions using the openshift elasticsearch plugin2022-05-13
CVEList
CVE-2017-12195: A flaw was found in all Openshift Enterprise versions using the openshift elasticsearch plugin2018-07-27

📋Vendor Advisories

1
Red Hat
3: authentication bypass for elasticsearch with external routes2017-11-28

💬Community

1
Bugzilla
CVE-2017-12195 OpenShift Enterprise 3: authentication bypass for elasticsearch with external routes2017-10-13
CVE-2017-12195 — Improper Authentication in RED | cvebase