Multiple vulnerabilitis in OpenShift Container Platform
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2018-1002102 CVE-2020-8559 |
| CWE-ID | CWE-601 CWE-264 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #2 is available. |
| Vulnerable software |
openshift-kuryr (Red Hat package) Operating systems & Components / Operating system package or component openshift-enterprise-cluster-capacity (Red Hat package) Operating systems & Components / Operating system package or component openshift-enterprise-autoheal (Red Hat package) Operating systems & Components / Operating system package or component openshift-ansible (Red Hat package) Operating systems & Components / Operating system package or component golang-github-prometheus-prometheus (Red Hat package) Operating systems & Components / Operating system package or component golang-github-prometheus-node_exporter (Red Hat package) Operating systems & Components / Operating system package or component golang-github-prometheus-alertmanager (Red Hat package) Operating systems & Components / Operating system package or component golang-github-openshift-oauth-proxy (Red Hat package) Operating systems & Components / Operating system package or component atomic-openshift-service-idler (Red Hat package) Operating systems & Components / Operating system package or component atomic-openshift-node-problem-detector (Red Hat package) Operating systems & Components / Operating system package or component atomic-openshift-metrics-server (Red Hat package) Operating systems & Components / Operating system package or component atomic-openshift-dockerregistry (Red Hat package) Operating systems & Components / Operating system package or component atomic-openshift-descheduler (Red Hat package) Operating systems & Components / Operating system package or component atomic-openshift-cluster-autoscaler (Red Hat package) Operating systems & Components / Operating system package or component atomic-enterprise-service-catalog (Red Hat package) Operating systems & Components / Operating system package or component atomic-openshift-web-console (Red Hat package) Operating systems & Components / Operating system package or component atomic-openshift (Red Hat package) Operating systems & Components / Operating system package or component Red Hat OpenShift Container Platform Client/Desktop applications / Software for system administration |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Open redirect
EUVDB-ID: #VU35005
Risk: Low
CVSSv4.0: 0.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-1002102
CWE-ID:
CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Exploit availability: No
DescriptionThe vulnerability allows a remote privileged user to gain access to sensitive information.
Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts. Impacted API servers will follow the redirect as a GET request with client-certificate credentials for authenticating to the Kubelet.
MitigationInstall updates from vendor's website.
openshift-kuryr (Red Hat package): 3.11.153-1.git.1.073ef06.el7 - 3.11.248-1.git.1.f90c804.el7
openshift-enterprise-cluster-capacity (Red Hat package): 3.11.16-1.git.380.1406f2f.el7 - 3.11.248-1.git.1.37b107c.el7
openshift-enterprise-autoheal (Red Hat package): 3.11.16-1.git.219.5443970.el7 - 3.11.248-1.git.1.0020348.el7
openshift-ansible (Red Hat package): 3.11.16-1.git.0.4ac6f81.el7 - 3.11.248-1.git.0.fd212c7.el7
golang-github-prometheus-prometheus (Red Hat package): 3.11.16-1.git.5020.5e81ed1.el7 - 3.11.248-1.git.1.ad54f5b.el7
golang-github-prometheus-node_exporter (Red Hat package): 3.11.16-1.git.1056.1583d2a.el7 - 3.11.248-1.git.1.32f87fc.el7
golang-github-prometheus-alertmanager (Red Hat package): 3.11.16-1.git.0.be735ec.el7 - 3.11.248-1.git.1.66abd18.el7
golang-github-openshift-oauth-proxy (Red Hat package): 3.11.16-1.git.409.922769e.el7 - 3.11.248-1.git.1.9885abb.el7
atomic-openshift-service-idler (Red Hat package): 3.11.16-1.git.14.a65cbf0.el7 - 3.11.248-1.git.1.4c42a90.el7
atomic-openshift-node-problem-detector (Red Hat package): 3.11.16-1.git.198.95f4dfa.el7 - 3.11.248-1.git.1.628ff22.el7
atomic-openshift-metrics-server (Red Hat package): 3.11.16-1.git.52.9fd74a8.el7 - 3.11.248-1.git.1.b53e0e3.el7
atomic-openshift-dockerregistry (Red Hat package): 3.11.51-1.git.446.d29ce0e.el7 - 3.11.248-1.git.1.bb4a1fc.el7
atomic-openshift-descheduler (Red Hat package): 3.11.16-1.git.300.abfab3c.el7 - 3.11.248-1.git.1.108ef32.el7
atomic-openshift-cluster-autoscaler (Red Hat package): 3.11.16-1.git.0.8c8305e.el7 - 3.11.248-1.git.1.b5530f6.el7
atomic-enterprise-service-catalog (Red Hat package): 3.11.16-1.git.1633.05087cb.el7 - 3.11.248-1.git.1.9aad2ef.el7
atomic-openshift-web-console (Red Hat package): 3.11.16-1.git.289.ecf7441.el7 - 3.11.219-1.git.1.9b9b889.el7
atomic-openshift (Red Hat package): 3.11.16-1.git.0.b48b8f8.el7 - 3.11.219-1.git.0.0c21387.el7
Red Hat OpenShift Container Platform: before 3.11.343
CPE2.3- cpe:2.3:a:red_hat:openshift-kuryr_redhat_package:3.11.153-1.git.1.073ef06.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:openshift-kuryr_redhat_package:3.11.161-1.git.1.33697e5.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:openshift-kuryr_redhat_package:3.11.170-1.git.1.7265da1.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:openshift-enterprise-cluster-capacity_redhat_package:3.11.16-1.git.380.1406f2f.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:openshift-enterprise-cluster-capacity_redhat_package:3.11.43-1.git.380.9cbcbb2.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:openshift-enterprise-cluster-capacity_redhat_package:3.11.51-1.git.380.ffa21af.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:openshift-enterprise-autoheal_redhat_package:3.11.16-1.git.219.5443970.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:openshift-enterprise-autoheal_redhat_package:3.11.43-1.git.219.be400cf.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:openshift-enterprise-autoheal_redhat_package:3.11.51-1.git.219.8ea4275.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:openshift-ansible_redhat_package:3.11.16-1.git.0.4ac6f81.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:golang-github-prometheus-prometheus_redhat_package:3.11.16-1.git.5020.5e81ed1.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:golang-github-prometheus-node_exporter_redhat_package:3.11.16-1.git.1056.1583d2a.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:golang-github-prometheus-alertmanager_redhat_package:3.11.16-1.git.0.be735ec.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:golang-github-openshift-oauth-proxy_redhat_package:3.11.16-1.git.409.922769e.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:atomic-openshift-service-idler_redhat_package:3.11.16-1.git.14.a65cbf0.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:atomic-openshift-node-problem-detector_redhat_package:3.11.16-1.git.198.95f4dfa.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:atomic-openshift-metrics-server_redhat_package:3.11.16-1.git.52.9fd74a8.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:atomic-openshift-dockerregistry_redhat_package:3.11.51-1.git.446.d29ce0e.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:atomic-openshift-descheduler_redhat_package:3.11.16-1.git.300.abfab3c.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:atomic-openshift-cluster-autoscaler_redhat_package:3.11.16-1.git.0.8c8305e.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:atomic-enterprise-service-catalog_redhat_package:3.11.16-1.git.1633.05087cb.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:atomic-openshift-web-console_redhat_package:3.11.16-1.git.289.ecf7441.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:atomic-openshift_redhat_package:3.11.16-1.git.0.b48b8f8.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:red_hat_openshift_container_platform:*:*:*:*:*:*:*:*
https://access.redhat.com/errata/RHSA-2020:5363
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU34130
Risk: Medium
CVSSv4.0: 2.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/E:P/U:Green]
CVE-ID: CVE-2020-8559
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: Yes
DescriptionThe vulnerability allows a remote privileged user to execute arbitrary code.
The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.
MitigationInstall updates from vendor's website.
openshift-kuryr (Red Hat package): 3.11.153-1.git.1.073ef06.el7 - 3.11.248-1.git.1.f90c804.el7
openshift-enterprise-cluster-capacity (Red Hat package): 3.11.16-1.git.380.1406f2f.el7 - 3.11.248-1.git.1.37b107c.el7
openshift-enterprise-autoheal (Red Hat package): 3.11.16-1.git.219.5443970.el7 - 3.11.248-1.git.1.0020348.el7
openshift-ansible (Red Hat package): 3.11.16-1.git.0.4ac6f81.el7 - 3.11.248-1.git.0.fd212c7.el7
golang-github-prometheus-prometheus (Red Hat package): 3.11.16-1.git.5020.5e81ed1.el7 - 3.11.248-1.git.1.ad54f5b.el7
golang-github-prometheus-node_exporter (Red Hat package): 3.11.16-1.git.1056.1583d2a.el7 - 3.11.248-1.git.1.32f87fc.el7
golang-github-prometheus-alertmanager (Red Hat package): 3.11.16-1.git.0.be735ec.el7 - 3.11.248-1.git.1.66abd18.el7
golang-github-openshift-oauth-proxy (Red Hat package): 3.11.16-1.git.409.922769e.el7 - 3.11.248-1.git.1.9885abb.el7
atomic-openshift-service-idler (Red Hat package): 3.11.16-1.git.14.a65cbf0.el7 - 3.11.248-1.git.1.4c42a90.el7
atomic-openshift-node-problem-detector (Red Hat package): 3.11.16-1.git.198.95f4dfa.el7 - 3.11.248-1.git.1.628ff22.el7
atomic-openshift-metrics-server (Red Hat package): 3.11.16-1.git.52.9fd74a8.el7 - 3.11.248-1.git.1.b53e0e3.el7
atomic-openshift-dockerregistry (Red Hat package): 3.11.51-1.git.446.d29ce0e.el7 - 3.11.248-1.git.1.bb4a1fc.el7
atomic-openshift-descheduler (Red Hat package): 3.11.16-1.git.300.abfab3c.el7 - 3.11.248-1.git.1.108ef32.el7
atomic-openshift-cluster-autoscaler (Red Hat package): 3.11.16-1.git.0.8c8305e.el7 - 3.11.248-1.git.1.b5530f6.el7
atomic-enterprise-service-catalog (Red Hat package): 3.11.16-1.git.1633.05087cb.el7 - 3.11.248-1.git.1.9aad2ef.el7
atomic-openshift-web-console (Red Hat package): 3.11.16-1.git.289.ecf7441.el7 - 3.11.219-1.git.1.9b9b889.el7
atomic-openshift (Red Hat package): 3.11.16-1.git.0.b48b8f8.el7 - 3.11.219-1.git.0.0c21387.el7
Red Hat OpenShift Container Platform: before 3.11.343
CPE2.3- cpe:2.3:a:red_hat:openshift-kuryr_redhat_package:3.11.153-1.git.1.073ef06.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:openshift-kuryr_redhat_package:3.11.161-1.git.1.33697e5.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:openshift-kuryr_redhat_package:3.11.170-1.git.1.7265da1.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:openshift-enterprise-cluster-capacity_redhat_package:3.11.16-1.git.380.1406f2f.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:openshift-enterprise-cluster-capacity_redhat_package:3.11.43-1.git.380.9cbcbb2.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:openshift-enterprise-cluster-capacity_redhat_package:3.11.51-1.git.380.ffa21af.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:openshift-enterprise-autoheal_redhat_package:3.11.16-1.git.219.5443970.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:openshift-enterprise-autoheal_redhat_package:3.11.43-1.git.219.be400cf.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:openshift-enterprise-autoheal_redhat_package:3.11.51-1.git.219.8ea4275.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:openshift-ansible_redhat_package:3.11.16-1.git.0.4ac6f81.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:golang-github-prometheus-prometheus_redhat_package:3.11.16-1.git.5020.5e81ed1.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:golang-github-prometheus-node_exporter_redhat_package:3.11.16-1.git.1056.1583d2a.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:golang-github-prometheus-alertmanager_redhat_package:3.11.16-1.git.0.be735ec.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:golang-github-openshift-oauth-proxy_redhat_package:3.11.16-1.git.409.922769e.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:atomic-openshift-service-idler_redhat_package:3.11.16-1.git.14.a65cbf0.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:atomic-openshift-node-problem-detector_redhat_package:3.11.16-1.git.198.95f4dfa.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:atomic-openshift-metrics-server_redhat_package:3.11.16-1.git.52.9fd74a8.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:atomic-openshift-dockerregistry_redhat_package:3.11.51-1.git.446.d29ce0e.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:atomic-openshift-descheduler_redhat_package:3.11.16-1.git.300.abfab3c.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:atomic-openshift-cluster-autoscaler_redhat_package:3.11.16-1.git.0.8c8305e.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:atomic-enterprise-service-catalog_redhat_package:3.11.16-1.git.1633.05087cb.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:atomic-openshift-web-console_redhat_package:3.11.16-1.git.289.ecf7441.el7:*:*:*:*:red_hat_enterprise_linux:*:*
- cpe:2.3:a:red_hat:atomic-openshift_redhat_package:3.11.16-1.git.0.b48b8f8.el7:*:*:*:*:red_hat_enterprise_linux:*:*
https://access.redhat.com/errata/RHSA-2020:5363
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
