A flaw was found in Openshift. A pod with a DNSPolicy of "ClusterFirst" may incorrectly resolve the hostname based on a service provided. This flaw allows an attacker to supply an incorrect name with the DNS search policy, affecting confidentiality and availability.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:HRed Hat Openshift
APPRedhat4.9
Related vulnerabilities
In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. This ma...
IBM Cloud Pak for Security (CP4S) 1.7.0.0, 1.7.1.0, 1.7.2.0, and 1.8.0.0 could allow an attacker to perform un...
The default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a password of "moo...
The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary commands via s...
mcollective has a default password set at install