Multiple vulnerabilities in OpenShift Container Platform 4.10
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 12 |
| CVE-ID | CVE-2022-25179 CVE-2022-25182 CVE-2022-25183 CVE-2022-25176 CVE-2022-25180 CVE-2022-25174 CVE-2022-25177 CVE-2022-25178 CVE-2022-25181 CVE-2022-25175 CVE-2022-25173 CVE-2022-25184 |
| CWE-ID | CWE-61 CWE-94 CWE-200 CWE-78 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Red Hat OpenShift Container Platform Client/Desktop applications / Software for system administration openshift-clients (Red Hat package) Operating systems & Components / Operating system package or component openshift (Red Hat package) Operating systems & Components / Operating system package or component jenkins-2-plugins (Red Hat package) Operating systems & Components / Operating system package or component cri-o (Red Hat package) Operating systems & Components / Operating system package or component |
| Vendor | Red Hat Inc. |
Security Bulletin
This security bulletin contains information about 12 vulnerabilities.
1) UNIX symbolic link following
EUVDB-ID: #VU60643
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-25179
CWE-ID:
CWE-61 - UNIX Symbolic Link (Symlink) Following
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information on the system.
The vulnerability exists due to the affected plugin follows symbolic links to locations outside of the checkout directory for the configured SCM when reading files using the readTrusted step. A remote user can configure Pipelines permission to read arbitrary files on the Jenkins controller file system.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: 4.10 - 4.10.5
openshift-clients (Red Hat package): 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7 - 4.10.0-202203141248.p0.g6db43e2.assembly.stream.el8
openshift (Red Hat package): 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7 - 4.10.0-202202250816.p0.ge419edf.assembly.stream.el8
jenkins-2-plugins (Red Hat package): 4.10.1643404185-1.el8
cri-o (Red Hat package): 1.23.1-9.rhaos4.10.gitbdffb9a.el8 - 1.23.1-12.rhaos4.10.git1607c6e.el8
External linkshttp://access.redhat.com/errata/RHSA-2022:1025
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Code Injection
EUVDB-ID: #VU60640
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-25182
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to the affected plugin uses the names of Pipeline libraries to create directories without canonicalization or sanitization. A remote user can use specially crafted library names and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: 4.10 - 4.10.5
openshift-clients (Red Hat package): 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7 - 4.10.0-202203141248.p0.g6db43e2.assembly.stream.el8
openshift (Red Hat package): 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7 - 4.10.0-202202250816.p0.ge419edf.assembly.stream.el8
jenkins-2-plugins (Red Hat package): 4.10.1643404185-1.el8
cri-o (Red Hat package): 1.23.1-9.rhaos4.10.gitbdffb9a.el8 - 1.23.1-12.rhaos4.10.git1607c6e.el8
External linkshttp://access.redhat.com/errata/RHSA-2022:1025
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Code Injection
EUVDB-ID: #VU60641
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-25183
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to the affected plugin uses the names of Pipeline libraries to create cache directories without any sanitization. A remote user can use specially crafted library names and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: 4.10 - 4.10.5
openshift-clients (Red Hat package): 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7 - 4.10.0-202203141248.p0.g6db43e2.assembly.stream.el8
openshift (Red Hat package): 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7 - 4.10.0-202202250816.p0.ge419edf.assembly.stream.el8
jenkins-2-plugins (Red Hat package): 4.10.1643404185-1.el8
cri-o (Red Hat package): 1.23.1-9.rhaos4.10.gitbdffb9a.el8 - 1.23.1-12.rhaos4.10.git1607c6e.el8
External linkshttp://access.redhat.com/errata/RHSA-2022:1025
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) UNIX symbolic link following
EUVDB-ID: #VU60634
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-25176
CWE-ID:
CWE-61 - UNIX Symbolic Link (Symlink) Following
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information on the system.
The vulnerability exists due to the affected plugin follows symbolic links to locations outside of the checkout directory for the configured SCM when reading the script file (typically Jenkinsfile) for Pipelines. A remote user can create a specially crafted symbolic link to a critical file on the system and gain access to sensitive information.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: 4.10 - 4.10.5
openshift-clients (Red Hat package): 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7 - 4.10.0-202203141248.p0.g6db43e2.assembly.stream.el8
openshift (Red Hat package): 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7 - 4.10.0-202202250816.p0.ge419edf.assembly.stream.el8
jenkins-2-plugins (Red Hat package): 4.10.1643404185-1.el8
cri-o (Red Hat package): 1.23.1-9.rhaos4.10.gitbdffb9a.el8 - 1.23.1-12.rhaos4.10.git1607c6e.el8
External linkshttp://access.redhat.com/errata/RHSA-2022:1025
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Information disclosure
EUVDB-ID: #VU60635
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-25180
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the affected plugin includes password parameters from the original build in replayed builds. A remote user can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: 4.10 - 4.10.5
openshift-clients (Red Hat package): 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7 - 4.10.0-202203141248.p0.g6db43e2.assembly.stream.el8
openshift (Red Hat package): 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7 - 4.10.0-202202250816.p0.ge419edf.assembly.stream.el8
jenkins-2-plugins (Red Hat package): 4.10.1643404185-1.el8
cri-o (Red Hat package): 1.23.1-9.rhaos4.10.gitbdffb9a.el8 - 1.23.1-12.rhaos4.10.git1607c6e.el8
External linkshttp://access.redhat.com/errata/RHSA-2022:1025
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
6) OS Command Injection
EUVDB-ID: #VU60636
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-25174
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to the affected plugin uses the same checkout directories for distinct SCMs for Pipeline libraries. A remote user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: 4.10 - 4.10.5
openshift-clients (Red Hat package): 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7 - 4.10.0-202203141248.p0.g6db43e2.assembly.stream.el8
openshift (Red Hat package): 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7 - 4.10.0-202202250816.p0.ge419edf.assembly.stream.el8
jenkins-2-plugins (Red Hat package): 4.10.1643404185-1.el8
cri-o (Red Hat package): 1.23.1-9.rhaos4.10.gitbdffb9a.el8 - 1.23.1-12.rhaos4.10.git1607c6e.el8
External linkshttp://access.redhat.com/errata/RHSA-2022:1025
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
7) UNIX symbolic link following
EUVDB-ID: #VU60637
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-25177
CWE-ID:
CWE-61 - UNIX Symbolic Link (Symlink) Following
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information on the system.
The vulnerability exists due to the affected plugin follows symbolic links to locations outside of the expected Pipeline library when reading files using the libraryResource step. A remote user can create a specially crafted symbolic link to a critical file on the system and read arbitrary files on the Jenkins controller file system.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: 4.10 - 4.10.5
openshift-clients (Red Hat package): 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7 - 4.10.0-202203141248.p0.g6db43e2.assembly.stream.el8
openshift (Red Hat package): 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7 - 4.10.0-202202250816.p0.ge419edf.assembly.stream.el8
jenkins-2-plugins (Red Hat package): 4.10.1643404185-1.el8
cri-o (Red Hat package): 1.23.1-9.rhaos4.10.gitbdffb9a.el8 - 1.23.1-12.rhaos4.10.git1607c6e.el8
External linkshttp://access.redhat.com/errata/RHSA-2022:1025
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
8) UNIX symbolic link following
EUVDB-ID: #VU60638
Risk: Medium
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-25178
CWE-ID:
CWE-61 - UNIX Symbolic Link (Symlink) Following
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information on the system.
The vulnerability exists due to the affected plugin does not restrict the names of resources passed to the "libraryResource" step. A remote user can create a specially crafted symbolic link to a critical file on the system and read arbitrary files on the Jenkins controller file system.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: 4.10 - 4.10.5
openshift-clients (Red Hat package): 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7 - 4.10.0-202203141248.p0.g6db43e2.assembly.stream.el8
openshift (Red Hat package): 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7 - 4.10.0-202202250816.p0.ge419edf.assembly.stream.el8
jenkins-2-plugins (Red Hat package): 4.10.1643404185-1.el8
cri-o (Red Hat package): 1.23.1-9.rhaos4.10.gitbdffb9a.el8 - 1.23.1-12.rhaos4.10.git1607c6e.el8
External linkshttp://access.redhat.com/errata/RHSA-2022:1025
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
9) Code Injection
EUVDB-ID: #VU60639
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-25181
CWE-ID:
CWE-94 - Improper Control of Generation of Code ('Code Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to the affected plugin uses the same workspace directory for all checkouts of Pipeline libraries with the same name regardless of the SCM being used and the source of the library configuration. A remote user can send a specially crafted request and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: 4.10 - 4.10.5
openshift-clients (Red Hat package): 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7 - 4.10.0-202203141248.p0.g6db43e2.assembly.stream.el8
openshift (Red Hat package): 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7 - 4.10.0-202202250816.p0.ge419edf.assembly.stream.el8
jenkins-2-plugins (Red Hat package): 4.10.1643404185-1.el8
cri-o (Red Hat package): 1.23.1-9.rhaos4.10.gitbdffb9a.el8 - 1.23.1-12.rhaos4.10.git1607c6e.el8
External linkshttp://access.redhat.com/errata/RHSA-2022:1025
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
10) OS Command Injection
EUVDB-ID: #VU60642
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-25175
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to the affected plugin uses distinct checkout directories per SCM for the readTrusted step. A remote user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: 4.10 - 4.10.5
openshift-clients (Red Hat package): 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7 - 4.10.0-202203141248.p0.g6db43e2.assembly.stream.el8
openshift (Red Hat package): 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7 - 4.10.0-202202250816.p0.ge419edf.assembly.stream.el8
jenkins-2-plugins (Red Hat package): 4.10.1643404185-1.el8
cri-o (Red Hat package): 1.23.1-9.rhaos4.10.gitbdffb9a.el8 - 1.23.1-12.rhaos4.10.git1607c6e.el8
External linkshttp://access.redhat.com/errata/RHSA-2022:1025
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
11) OS Command Injection
EUVDB-ID: #VU60633
Risk: Medium
CVSSv3.1: 7.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-25173
CWE-ID:
CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.
The vulnerability exists due to the affected plugin uses the same checkout directories for distinct SCMs when reading the script file (typically Jenkinsfile) for Pipelines. A remote user can pass specially crafted data to the application and execute arbitrary OS commands on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: 4.10 - 4.10.5
openshift-clients (Red Hat package): 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7 - 4.10.0-202203141248.p0.g6db43e2.assembly.stream.el8
openshift (Red Hat package): 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7 - 4.10.0-202202250816.p0.ge419edf.assembly.stream.el8
jenkins-2-plugins (Red Hat package): 4.10.1643404185-1.el8
cri-o (Red Hat package): 1.23.1-9.rhaos4.10.gitbdffb9a.el8 - 1.23.1-12.rhaos4.10.git1607c6e.el8
External linkshttp://access.redhat.com/errata/RHSA-2022:1025
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
12) Information disclosure
EUVDB-ID: #VU60644
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-25184
CWE-ID:
CWE-200 - Information exposure
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to the affected plugin reveals password parameter default values when generating a pipeline script using the Pipeline Snippet Generator. A remote user can gain unauthorized access to sensitive information on the system.
MitigationInstall updates from vendor's website.
Red Hat OpenShift Container Platform: 4.10 - 4.10.5
openshift-clients (Red Hat package): 4.10.0-202202160023.p0.gf93da17.assembly.stream.el7 - 4.10.0-202203141248.p0.g6db43e2.assembly.stream.el8
openshift (Red Hat package): 4.10.0-202202250816.p0.ge419edf.assembly.stream.el7 - 4.10.0-202202250816.p0.ge419edf.assembly.stream.el8
jenkins-2-plugins (Red Hat package): 4.10.1643404185-1.el8
cri-o (Red Hat package): 1.23.1-9.rhaos4.10.gitbdffb9a.el8 - 1.23.1-12.rhaos4.10.git1607c6e.el8
External linkshttp://access.redhat.com/errata/RHSA-2022:1025
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
