Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat openshift container platform 4.0 vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2019-10200
A flaw exists in OpenShift Container Platform 4 where, by default, users with access to create pods also have the ability to schedule workloads on master nodes. Pods with permission to access the host network, running on master nodes, can retrieve security credentials for the mas...
Redhat Openshift Container Platform 4.0
6.5
CVSSv2
CVE-2019-10225
A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey. An attacker with basic-user permissions is able to obtain the valu...
Redhat Openshift 4.2
Redhat Openshift Container Platform 3.11
Redhat Openshift Container Platform 4.0
7.1
CVSSv2
CVE-2020-27827
A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.
Lldpd Project Lldpd
Openvswitch Openvswitch
Redhat Enterprise Linux 7.0
Redhat Virtualization 4.0
Redhat Openstack 10
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.0
Redhat Openstack 13
Fedoraproject Fedora 33
Siemens Simatic Hmi Unified Comfort Panels Firmware
Siemens Simatic Net Cp 1243-1 Firmware -
Siemens Simatic Net Cp 1243-8 Irc Firmware -
Siemens Simatic Net Cp 1542sp-1 Firmware -
Siemens Simatic Net Cp 1542sp-1 Irc Firmware -
Siemens Simatic Net Cp 1543-1 Firmware -
Siemens Simatic Net Cp 1543sp-1 Firmware -
Siemens Simatic Net Cp 1545-1 Firmware -
Siemens Tim 1531 Irc Firmware
Siemens Sinumerik One Firmware
10
CVSSv2
CVE-2020-27846
A signature verification vulnerability exists in crewjam/saml. This flaw allows an malicious user to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Grafana Grafana
Saml Project Saml
Redhat Openshift Container Platform 3.11
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.0
Redhat Openshift Service Mesh 2.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
3.6
CVSSv2
CVE-2020-27781
User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved vi...
Redhat Ceph
Redhat Ceph Storage 3.0
Redhat Ceph Storage 2.0
Redhat Openshift Container Platform 4.0
Redhat Ceph Storage 4.0
Redhat Openstack Platform 13.0
Fedoraproject Fedora 33
2.1
CVSSv2
CVE-2020-25677
A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions. This flaw allows any user on the system to read sensitive information within this file. The highest threat from this vulnerability is to confidentiality.
Ceph Ceph-ansible 4.0.41
Redhat Ceph Storage 3.0
Redhat Ceph Storage 4.0
5.8
CVSSv2
CVE-2020-27816
The elasticsearch-operator does not validate the namespace where kibana logging resource is created and due to that it is possible to replace the original openshift-logging console link (kibana console) to different one, created based on the new CR for the new kibana resource. Th...
Elastic Kibana
Redhat Openshift Container Platform 4.0
2.1
CVSSv2
CVE-2020-10763
An information-disclosure flaw was found in the way Heketi prior to 10.1.0 logs sensitive information. This flaw allows an attacker with local access to the Heketi server to read potentially sensitive information such as gluster-block passwords.
Heketi Project Heketi
Redhat Gluster Storage 3.0
Redhat Gluster Storage 3.5
Redhat Openshift Container Platform 4.0
Redhat Enterprise Linux 7.0
5.8
CVSSv2
CVE-2020-25660
A flaw was found in the Cephx authentication protocol in versions prior to 15.2.6 and prior to 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the Ceph cluster network to au...
Redhat Ceph
Redhat Ceph Storage 2.0
Redhat Openshift Container Platform 4.0
Redhat Ceph Storage 4.0
Fedoraproject Fedora 33
4.4
CVSSv2
CVE-2020-15705
GRUB2 fails to validate kernel signature when booted directly without shim, allowing secure boot to be bypassed. This only affects systems where the kernel signing certificate has been imported directly into the secure boot database and the GRUB image is booted directly without t...
Gnu Grub2
Redhat Enterprise Linux Atomic Host -
Redhat Openshift Container Platform 4.0
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Debian Debian Linux 10.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Suse Suse Linux Enterprise Server 11
Suse Suse Linux Enterprise Server 12
Suse Suse Linux Enterprise Server 15
Microsoft Windows 10 -
Microsoft Windows 10 1607
Microsoft Windows 10 1709
Microsoft Windows 10 1803
Microsoft Windows 10 1809
Microsoft Windows 10 1903
Microsoft Windows 10 1909
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »