Vulnerabilities > CVE-2019-14845 - Unspecified vulnerability in Redhat Openshift
Attack vector
ADJACENT_NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
NONE high complexity
redhat
Summary
A vulnerability was found in OpenShift builds, versions 4.1 up to 4.3. Builds that extract source from a container image, bypass the TLS hostname verification. An attacker can take advantage of this flaw by launching a man-in-the-middle attack and injecting malicious content.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |
Redhat
advisories |
|
References
- https://access.redhat.com/errata/RHSA-2019:4101
- https://access.redhat.com/errata/RHSA-2019:4101
- https://access.redhat.com/errata/RHSA-2019:4237
- https://access.redhat.com/errata/RHSA-2019:4237
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14845
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14845