CVE-2018-1070

Published: Jun 12, 2018Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

routing before version 3.10 is vulnerable to an improper input validation of the Openshift Routing configuration which can cause an entire shard to be brought down. A malicious user can use this vulnerability to cause a Denial of Service attack for other users of the router shard.

Affected (1)

Products: Redhat: Openshift Container Platform

1 product

Openshift Container Platform

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Openshift Container Platform	Before 3.10

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

https://access.redhat.com/errata/RHSA-2018:2013

Source: secalert@redhat.com

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1070

Source: secalert@redhat.com

Issue Tracking

https://access.redhat.com/errata/RHSA-2018:2013

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1070

Source: af854a3a-2127-422b-91ae-364da2661108

Issue Tracking

Timeline

No history available yet.