Credentials Management Errors
CVE-2015-8945
Summary
openshift-node in OpenShift Origin 1.1.6 and earlier improperly stores router credentials as envvars in the pod when the --credentials option is used, which allows local users to obtain sensitive private key information by reading the systemd journal.
- HIGH
- LOCAL
- NONE
- UNCHANGED
- NONE
- NONE
- HIGH
- NONE
CWE-255 - Credentials Management Errors
Weaknesses in this category are related to the management of credentials.
References
Advisory Timeline
- Published