rhc-chk.rb in Red Hat OpenShift Origin prior to 1.1, when -d (debug mode) is used, outputs the password and other sensitive information in cleartext, which allows context-dependent malicious users to obtain sensitive information, as demonstrated by including log files or Bugzilla reports in support channels.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat openshift origin 1.0.5 |
||
redhat openshift |