QwikSec

Security Database

CVE

CWE

Training

CVE-2014-0234

Published: Feb 12, 2020

Modified: Aug 6, 2024

PUBLISHED

Description

The default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a password of "mooo" for a Mongo account, which allows remote attackers to hijack the broker by providing this password, related to the openshift.sh script in Openshift Extras before 20130920. NOTE: this may overlap CVE-2013-4253 and CVE-2013-4281.

Vendor	Product	Versions
n/a	Red Hat OpenShift Enterprise	affected `2.x before 2.1`

References

https://github.com/openshift/openshift-extras/blob/master/README.md

x_refsource_MISC

http://openwall.com/lists/oss-security/2014/06/05/19

x_refsource_MISC

https://bugzilla.redhat.com/show_bug.cgi?id=1097008

x_refsource_MISC

https://rhn.redhat.com/errata/RHSA-2014-0487.html

x_refsource_MISC

http://www.securityfocus.com/bid/67657

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.