Vulnerabilities > CVE-2017-7517 - Unspecified vulnerability in Redhat Openshift 3.0

047910
CVSS 3.5 - LOW
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
redhat

Summary

An input validation vulnerability exists in Openshift Enterprise due to a 1:1 mapping of tenants in Hawkular Metrics and projects/namespaces in OpenShift. If a user creates a project called "MyProject", and then later deletes it another user can then create a project called "MyProject" and access the metrics stored from the original "MyProject" instance.

Vulnerable Configurations

Part Description Count
Application
Redhat
1