Published: 24/04/2020 Updated: 12/02/2023

CVSS v2 Base Score: 4 | Impact Score: 4.9 | Exploitability Score: 4.9

CVSS v3 Base Score: 5.9 | Impact Score: 4.2 | Exploitability Score: 1.6

VMScore: 356

Vector: AV:N/AC:H/Au:N/C:P/I:P/A:N

A flaw was found in openshift-ansible. OpenShift Container Platform (OCP) 3.11 is too permissive in the way it specified CORS allowed origins during installation. An attacker, able to man-in-the-middle the connection between the user's browser and the openshift console, could use this flaw to perform a phishing attack. The main threat from this vulnerability is data confidentiality.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat openshift container platform 3.11

Synopsis Important: OpenShift Container Platform 311 security update Type/Severity Security Advisory: Important Topic An update for jenkins, jenkins-2-plugins, openshift-ansible, and python-rsa is now available for Red Hat OpenShift Container Platform 311Red Hat Product Security has rated this update as ...

CWE-185 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1741 https://access.redhat.com/errata/RHSA-2020:3541 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2020-1741

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect