SB2022053120 - Multiple vulnerabilities in OpenShift Container Platform release 4.7



SB2022053120 - Multiple vulnerabilities in OpenShift Container Platform release 4.7

Published: May 31, 2022

Security Bulletin ID SB2022053120
CSH Severity
High
Patch available
YES
Number of vulnerabilities 3
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 33% Medium 67%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 vulnerabilities.


1) Man-in-the-Middle (MitM) attack (CVE-ID: CVE-2022-1677)

CWE-ID: CWE-300 - Channel Accessible by Non-Endpoint ('Man-in-the-Middle')

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote user to perform MitM attack.

The vulnerability exists due to an error when handling entries in cluster router's HAProxy configuration files. A remote user with permissions to create or modify Routes can insert a malformed entry into configuration files that match any arbitrary hostname or all hostnames in the cluster, and direct traffic to an arbitrary application within the cluster, including the application under attacker's control.


2) Buffer overflow (CVE-ID: CVE-2018-25032)

CWE-ID: CWE-119 - Memory corruption

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when compressing data. A remote attacker can pass specially crafted input to the application, trigger memory corruption and perform a denial of service (DoS) attack.


3) Input validation error (CVE-ID: CVE-2022-1271)

CWE-ID: CWE-20 - Improper input validation

CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber


The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation when processing filenames with two or more newlines. A remote attacker can force zgrep or xzgrep to write arbitrary files on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise the affected system.


Remediation

Install update from vendor's website.