Vulnerabilities > CVE-2017-7517 - Unspecified vulnerability in Redhat Openshift 3.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
LOW Confidentiality impact
LOW Integrity impact
NONE Availability impact
NONE Summary
An input validation vulnerability exists in Openshift Enterprise due to a 1:1 mapping of tenants in Hawkular Metrics and projects/namespaces in OpenShift. If a user creates a project called "MyProject", and then later deletes it another user can then create a project called "MyProject" and access the metrics stored from the original "MyProject" instance.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |