TROYANOSYVIRUS
Retour aux CVEs

CVE-2019-10150

N/A

Description

It was found that OpenShift Container Platform versions 3.6.x - 4.6.0 does not perform SSH Host Key checking when using ssh key authentication during builds. An attacker, with the ability to redirect network traffic, could use this to alter the resulting build output.

Details CVE

Score CVSS v3.1N/A
Publie6/12/2019
Derniere modification11/21/2024
Sourcenvd
Observations honeypot0

Produits affectes

redhat:openshift_container_platform

Faiblesses (CWE)

CWE-287CWE-287

References

https://access.redhat.com/errata/RHSA-2019:2989(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2019:3007(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2019:3143(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2019:3811(secalert@redhat.com)
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10150(secalert@redhat.com)
https://docs.openshift.com/container-platform/3.11/dev_guide/builds/build_inputs.html#source-secrets-ssh-key-authentication(secalert@redhat.com)
https://access.redhat.com/errata/RHSA-2019:2989(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2019:3007(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2019:3143(af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2019:3811(af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10150(af854a3a-2127-422b-91ae-364da2661108)
https://docs.openshift.com/container-platform/3.11/dev_guide/builds/build_inputs.html#source-secrets-ssh-key-authentication(af854a3a-2127-422b-91ae-364da2661108)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.