Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to a passthrough trigger.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat OpenShift Enterprise 授权问题漏洞
Vulnerability Description
Red Hat OpenShift Enterprise是美国红帽(Red Hat)公司的一款企业版平台即服务(PaaS)云计算平台,它支持构建、测试、部署和运行应用程序。 Red Hat OpenShift Enterprise 2.0.5及之前版本和1.2.7及之前版本存在授权问题漏洞,该漏洞源于程序没有正确处理插件的授权请求。远程攻击者可借助请求中的X-Remote-User头信息利用该漏洞绕过身份验证,冒充任意用户。
CVSS Information
N/A
Vulnerability Type
N/A