Vulnerabilities > CVE-2013-4253 - Exposure of Resource to Wrong Sphere vulnerability in Redhat Openshift 1.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

redhat

CWE-668

NVD

Published: 2022-10-19

Updated: 2022-10-21

Summary

The deployment script in the unsupported "OpenShift Extras" set of add-on scripts, in Red Hat Openshift 1, installs a default public key in the root user's authorized_keys file.

Vulnerable Configurations

Part	Description	Count
Application	Redhat Redhat Openshift 1.0	1

Common Weakness Enumeration (CWE)

CWE-668 - Exposure of Resource to Wrong Sphere

References

https://github.com/openshift/openshift-extras/blob/enterprise-2.0/README.md#security-notice
https://www.openwall.com/lists/oss-security/2014/06/05/19