vulnerability

Red Hat OpenShift: CVE-2016-2142: openshift: Bind password for AD account is stored in world readable file

Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
Jun 8, 2016
Added
Jun 18, 2018
Modified
Apr 14, 2025

Description


Red Hat OpenShift Enterprise 3.1 uses world-readable permissions on the /etc/origin/master/master-config.yaml configuration file, which allows local users to obtain Active Directory credentials by reading the file.

Solution

linuxrpm-upgrade-atomic-openshift
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.