Red Hat OpenShift vulnerabilities

140 known vulnerabilities affecting redhat/openshift.

Total CVEs: 140
CISA KEV: 1 (actively exploited)
Public exploits: 3
Exploited in wild: 1
Severity breakdown: CRITICAL 9, HIGH 53, MEDIUM 67, LOW 11

Vulnerabilities

Page 7 of 7
CVE-2014-3602 | LOW | CVSS 2.1 | CWE-264 | versions: ≤ 2.1.8, v2.0, +14 more | 2014-11-13 | source: nvd
Red Hat OpenShift Enterprise before 2.2 allows local users to obtain IP address and port number information for remote systems by reading /proc/net/tcp.

CVE-2014-3666 | HIGH | CVSS 7.5 | CWE-94 | versions: ≤ 3.1 | 2014-10-16 | source: nvd
Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to execute arbitrary code via a crafted packet to the CLI channel.

CVE-2014-3662 | MEDIUM | CVSS 5.0 | CWE-200 | versions: ≤ 3.1 | 2014-10-16 | source: nvd
Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to enumerate user names via vectors related to login attempts.

CVE-2014-3680 | MEDIUM | CVSS 4.0 | CWE-200 | versions: ≤ 3.1 | 2014-10-16 | source: nvd
Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Job/READ permission to obtain the default value for the password field of a parameterized job by reading the DOM.

CVE-2014-3663 | MEDIUM | CVSS 6.0 | CWE-264 | versions: ≤ 3.1 | 2014-10-16 | source: nvd
Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Job/CONFIGURE permission to bypass intended restrictions and create or destroy arbitrary jobs via unspecified vectors.

CVE-2014-3667 | MEDIUM | CVSS 4.0 | CWE-200 | versions: ≤ 3.1 | 2014-10-16 | source: nvd
Jenkins before 1.583 and LTS before 1.565.3 does not properly prevent downloading of plugins, which allows remote authenticated users with the Overall/READ permission to obtain sensitive information by reading the plugin code.

CVE-2014-3661 | MEDIUM | CVSS 5.0 | CWE-399 | versions: ≤ 3.1 | 2014-10-16 | source: nvd
Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to cause a denial of service (thread consumption) via vectors related to a CLI handshake.

CVE-2014-3664 | MEDIUM | CVSS 4.0 | CWE-22 | versions: ≤ 3.1 | 2014-10-15 | source: nvd
Directory traversal vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote authenticated users with the Overall/READ permission to read arbitrary files via unspecified vectors.

CVE-2014-3681 | MEDIUM | CVSS 4.3 | CWE-79 | versions: ≤ 3.1 | 2014-10-15 | source: nvd
Cross-site scripting (XSS) vulnerability in Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2014-3496 | CRITICAL | CVSS 10.0 | CWE-94 | versions: v1.2.8, v2.0, +8 more | 2014-06-20 | source: nvd
cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 through 2.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a Source-Url ending with a (1) .tar.gz, (2) .zip, (3) .tgz, or (4) .tar file extension in a cartridge manifest file.

CVE-2014-0164 | LOW | CVSS 2.1 | CWE-310 | versions: v1.2.7, v2.0.5 | 2014-05-05 | source: nvd
openshift-origin-broker-util, as used in Red Hat OpenShift Enterprise 1.2.7 and 2.0.5, uses world-readable permissions for the mcollective client.cfg configuration file, which allows local users to obtain credentials and other sensitive information by reading the file.

CVE-2014-0188 | HIGH | CVSS 7.5 | CWE-287 | versions: ≤ 1.2.7; ≥ 2.0, ≤ 2.0.5 | 2014-04-24 | source: nvd
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to a passthrough trigger.

CVE-2014-1869 | MEDIUM | CVSS 4.3 | CWE-79 | versions: ≤ 3.1 | 2014-02-08 | source: nvd
Multiple cross-site scripting (XSS) vulnerabilities in ZeroClipboard.swf in ZeroClipboard before 1.3.2, as maintained by Jon Rohan and James M. Greene, allow remote attackers to inject arbitrary web script or HTML via vectors related to certain SWF query parameters (aka loaderInfo.parameters).

CVE-2013-2119 | MEDIUM | CVSS 4.6 | CWE-264 | versions: v1.0 | 2014-01-03 | source: nvd
Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service (prevent application start) or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem.

CVE-2013-2186 | HIGH | CVSS 7.5 | CWE-20 | versions: ≤ 3.1 | 2013-10-28 | source: nvd
The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss Portal 4.3 CP07, 5.2.2, and 6.0.0; and Red Hat JBoss Web Server 1.0.2 allows remote attackers to write to arbitrary files via a NULL byte in a file name in a serialized instance.

CVE-2012-5646 | HIGH | CVSS 7.5 | CWE-20 | versions: v1.0 | 2013-02-24 | source: nvd
node-util/www/html/restorer.php in the Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to execute arbitrary commands via a crafted uuid in the PATH_INFO.

CVE-2012-5647 | MEDIUM | CVSS 5.8 | CWE-20 | versions: v1.0 | 2013-02-24 | source: nvd
Open redirect vulnerability in node-util/www/html/restorer.php in Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the PATH_INFO.

CVE-2013-0164 | LOW | CVSS 3.6 | CWE-264 | versions: ≤ 1.0 | 2013-02-24 | source: nvd
The lockwrap function in port-proxy/bin/openshift-port-proxy-cfg in Red Hat OpenShift Origin before 1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.

CVE-2012-5658 | LOW | CVSS 2.1 | CWE-310 | versions: ≤ 1.0 | 2013-02-24 | source: nvd
rhc-chk.rb in Red Hat OpenShift Origin before 1.1, when -d (debug mode) is used, outputs the password and other sensitive information in cleartext, which allows context-dependent attackers to obtain sensitive information, as demonstrated by including log files or Bugzilla reports in support channels.

CVE-2012-5622 | MEDIUM | CVSS 6.8 | CWE-352 | versions: v0.0.5 | 2012-12-18 | source: nvd
Cross-site request forgery (CSRF) vulnerability in the management console (openshift-console/app/controllers/application_controller.rb) in OpenShift 0.0.5 allows remote attackers to hijack the authentication of arbitrary users via unspecified vectors.