Red Hat Openshift vulnerabilities

CVE-2019-19355 [HIGH] CWE-266 CVE-2019-19355: An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-releas An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/ansible-operator-container as shipped in Openshift 4.

CVE-2019-19351 [HIGH] CWE-266 CVE-2019-19351: An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/ An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/jenkins. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/jenkins-slave-base-rhel7-containera as shipped in Openshift 4 and 3.11.

CVE-2019-10213 [MEDIUM] CWE-117 CVE-2019-10213: OpenShift Container Platform, versions 4.1 and 4.2, does not sanitize secret data written to pod log OpenShift Container Platform, versions 4.1 and 4.2, does not sanitize secret data written to pod logs when the log level in a given operator is set to Debug or higher. A low privileged user could read pod logs to discover secret material if the log level has already been modified in an operator by a privileged user.

CVE-2019-14845 [MEDIUM] CWE-494 CVE-2019-14845: A vulnerability was found in OpenShift builds, versions 4.1 up to 4.3. Builds that extract source fr A vulnerability was found in OpenShift builds, versions 4.1 up to 4.3. Builds that extract source from a container image, bypass the TLS hostname verification. An attacker can take advantage of this flaw by launching a man-in-the-middle attack and injecting malicious content.

CVE-2019-10165 [LOW] CWE-532 CVE-2019-10165: OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs OpenShift Container Platform before version 4.1.3 writes OAuth tokens in plaintext to the audit logs for the Kubernetes API server and OpenShift API server. A user with sufficient privileges could recover OAuth tokens from these audit logs and use them to access other resources.

CVE-2016-7075 [HIGH] CWE-295 CVE-2016-7075: It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 clie It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate.

CVE-2017-12195 [MEDIUM] CWE-287 CVE-2017-12195: A flaw was found in all Openshift Enterprise versions using the openshift elasticsearch plugin. An a A flaw was found in all Openshift Enterprise versions using the openshift elasticsearch plugin. An attacker with knowledge of the given name used to authenticate and access Elasticsearch can later access it without the token, bypassing authentication. This attack also requires that the Elasticsearch be configured with an external route, and the data