Back to search
CVE-2015-8945
Published: Aug 5, 2016
Modified: Aug 6, 2024
PUBLISHED
Description
openshift-node in OpenShift Origin 1.1.6 and earlier improperly stores router credentials as envvars in the pod when the --credentials option is used, which allows local users to obtain sensitive private key information by reading the systemd journal.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[oss-security] 20160713 CVE Request: openshift-node is logging private RSA keys to the systemd journal
mailing-list
x_refsource_MLIST
91776
vdb-entry
x_refsource_BID
[oss-security] 20160713 Re: CVE Request: openshift-node is logging private RSA keys to the systemd journal
mailing-list
x_refsource_MLIST
https://github.com/openshift/origin/issues/3951
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now