Published: 16/09/2020 Updated: 28/09/2020

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

A content spoofing vulnerability was found in the openshift/console 3.11 and 4.x. This flaw allows an malicious user to craft a URL and inject arbitrary text onto the error page that appears to be from the OpenShift instance. This attack could potentially convince a user that the inserted text is legitimate.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat openshift 3.11
redhat openshift

Synopsis Moderate: OpenShift Container Platform 311 security update Type/Severity Security Advisory: Moderate Topic An update for atomic-openshift, atomic-openshift-web-console, and cri-o is now available for Red Hat OpenShift Container Platform 311Red Hat Product Security has rated this update as having ...

Synopsis Moderate: OpenShift Container Platform 461 image security update Type/Severity Security Advisory: Moderate Topic An update is now available for Red Hat OpenShift Container Platform 46Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability S ...

CWE-20 https://bugzilla.redhat.com/show_bug.cgi?id=1767665 https://github.com/openshift/origin-web-console/pull/3173 https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2020:2992

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-10715

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect