CVE-2016-2160

Properties

Published:
07.06.2016
Updated:
10.06.2016
Patch available:
Severity:
High
CVSS vector:
(AV:N/AC:L/Au:S/C:C/I:C/A:C)
Product:
redhat: openshift_origin

Vulnerability description

Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allow remote authenticated users to execute commands with root privileges by changing the root password in an sti builder image.

References:

CONFIRM: https://github.com/openshift/origin/pull/7864
CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=1316127
REDHAT: https://access.redhat.com/errata/RHSA-2016:1064