Skip to main content

Credentials Management Errors

CVE-2015-8945

Severity Medium
Score 5.1/10

Summary

openshift-node in OpenShift Origin 1.1.6 and earlier improperly stores router credentials as envvars in the pod when the --credentials option is used, which allows local users to obtain sensitive private key information by reading the systemd journal.

  • HIGH
  • LOCAL
  • NONE
  • UNCHANGED
  • NONE
  • NONE
  • HIGH
  • NONE

CWE-255 - Credentials Management Errors

Weaknesses in this category are related to the management of credentials.

Advisory Timeline

  • Published