SB2022053119 - Multiple vulnerabilities in OpenShift Container Platform 4.8

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2022053119

SB2022053119 - Multiple vulnerabilities in OpenShift Container Platform 4.8

Published: May 31, 2022 Updated: November 13, 2023

Security Bulletin ID SB2022053119
Severity
High
Patch available
YES
Number of vulnerabilities 8
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 13% Medium 75% Low 13%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 8 secuirty vulnerabilities.


1) Man-in-the-Middle (MitM) attack (CVE-ID: CVE-2022-1677)

The vulnerability allows a remote user to perform MitM attack.

The vulnerability exists due to an error when handling entries in cluster router's HAProxy configuration files. A remote user with permissions to create or modify Routes can insert a malformed entry into configuration files that match any arbitrary hostname or all hostnames in the cluster, and direct traffic to an arbitrary application within the cluster, including the application under attacker's control.


2) Buffer overflow (CVE-ID: CVE-2018-25032)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when compressing data. A remote attacker can pass specially crafted input to the application, trigger memory corruption and perform a denial of service (DoS) attack.


3) Input validation error (CVE-ID: CVE-2022-1271)

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to insufficient validation when processing filenames with two or more newlines. A remote attacker can force zgrep or xzgrep to write arbitrary files on the system.

Successful exploitation of the vulnerability may allow an attacker to compromise the affected system.


4) Improper input validation (CVE-ID: CVE-2022-21426)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the JAXP component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.


5) Improper input validation (CVE-ID: CVE-2022-21434)

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the Libraries component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.


6) Improper input validation (CVE-ID: CVE-2022-21443)

The vulnerability allows a remote non-authenticated attacker to perform service disruption.

The vulnerability exists due to improper input validation within the Libraries component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.


7) Improper input validation (CVE-ID: CVE-2022-21476)

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to improper input validation within the Libraries component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to gain access to sensitive information.


8) Improper input validation (CVE-ID: CVE-2022-21496)

The vulnerability allows a remote non-authenticated attacker to manipulate data.

The vulnerability exists due to improper input validation within the JNDI component in Oracle GraalVM Enterprise Edition. A remote non-authenticated attacker can exploit this vulnerability to manipulate data.


Remediation

Install update from vendor's website.

References