Red Hat OpenShift Enterprise before 2.2 does not properly restrict access to gears, which allows remote attackers to access the network resources of arbitrary gears via unspecified vectors.
References
Link | Resource |
---|---|
http://rhn.redhat.com/errata/RHSA-2014-1796.html | Vendor Advisory |
http://rhn.redhat.com/errata/RHSA-2014-1906.html | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
13 Feb 2023, 00:41
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Red Hat OpenShift Enterprise before 2.2 does not properly restrict access to gears, which allows remote attackers to access the network resources of arbitrary gears via unspecified vectors. |
02 Feb 2023, 20:18
Type | Values Removed | Values Added |
---|---|---|
Summary | It was found that OpenShift Enterprise 2.1 did not properly restrict access to services running on different gears. This could allow an attacker to access unprotected network resources running in another user's gear. | |
References |
|
Information
Published : 2014-11-13 21:32
Updated : 2023-12-10 11:31
NVD link : CVE-2014-3674
Mitre link : CVE-2014-3674
CVE.ORG link : CVE-2014-3674
JSON object : View
Products Affected
redhat
- openshift
CWE
CWE-264
Permissions, Privileges, and Access Controls