CVE-2016-2142

Properties

Published:
07.06.2016
Updated:
10.06.2016
Patch available:
Severity:
Low
  • CVSS vector:
    (AV:L/AC:L/Au:N/C:P/I:N/A:N)
    Product:
    redhat: openshift

    Vulnerability description

    Red Hat OpenShift Enterprise 3.1 uses world-readable permissions on the /etc/origin/master/master-config.yaml configuration file, which allows local users to obtain Active Directory credentials by reading the file.

    References:

    REDHAT:https://access.redhat.com/errata/RHSA-2016:1038