CVE-2019-10225

CVE-2019-10225

A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn’t sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey. An attacker with basic-user permissions is able to obtain the value of restuserkey, and use it to authenticate to the GlusterFS REST service, gaining access to read, and modify files.

Source: CVE-2019-10225

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다