SB2022090764 - Multiple vulnerabilities in OpenShift Virtualization 4.10

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022090764

SB2022090764 - Multiple vulnerabilities in OpenShift Virtualization 4.10

Published: September 7, 2022

Security Bulletin ID SB2022090764
Severity
Medium
Patch available
YES
Number of vulnerabilities 2
Exploitation vector Remote access
Highest impact Information disclosure

Breakdown by Severity

Medium 50% Low 50%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.


1) Overly permissive cross-domain whitelist (CVE-ID: CVE-2022-1996)

The vulnerability allows a remote attacker to bypass the CORS protection mechanism.

The vulnerability exists due to incorrect processing of the "Origin" HTTP header that is supplied within HTTP request. A remote attacker can supply arbitrary value via the "Origin" HTTP header, bypass implemented CORS protection mechanism and perform cross-site scripting attacks against the vulnerable application.


2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2022-1798)

The vulnerability allows a remote user to read arbitrary files on the system.

The vulnerability exists due to a logic issue in kubeVirt API. A remote user can use the kubeVirt API to provide access to host files (like /etc/passwd, for example) in a KubeVirt VM as a disk device that can be written to and read from.

Remediation

Install update from vendor's website.

References