CVE-2013-4281 In Red Hat Openshift 1, the /etc/openshift/server_priv.pem file has weak default permissions, which could allow users with local access to read it.

The permissions for this file are set to 0650, which allows group and world access. The /etc/openshift/server_priv.pem file is intended for configuration of the OpenShift distributed application platform, and must not be edited by users with local access to the broker. The /etc/openshift/server_priv.pem file is a system file, not a user file, and therefore has weak permissions. Red Hat recommends that the /etc/openshift/server_priv.pem file be backed up and accessible only by root users. If the broker is using a public cloud, such as Amazon Web Services, Red Hat recommends that the /etc/openshift/server_priv.pem file be backed up and accessible only by root users.

Authentication: Authentication bypass vulnerability

A vulnerability in the "/etc/openshift/server_priv.pem" file allows an attacker to bypass authentication and gain unauthorized local access to the broker through weak permissions on this file.

Products and versions affected by this vulnerability

The permissions for the /etc/openshift/server_priv.pem file must only be set to 0650 and should not be modified by users with local access to the broker. The /etc/openshift/server_priv.pem file is intended for configuration of the OpenShift distributed application platform, and must not be edited by users with local access to the broker.
-Red Hat Enterprise Linux 5
-Red Hat Enterprise Linux 6
-Red Hat Enterprise Linux 7
-RHEL5U6U7U server (RHEL5 Update 8)

Vulnerability Scenario

A security vulnerability was discovered in Red Hat OpenShift 3.2 and 3.3 that allows a malicious user to access the broker's private key file, which contains the SSL certificates used by the application server to secure traffic between client-side applications and the OpenShift platform.

CVE-2013-4282

The permissions for this file are set to 0650, which allows group and world access. The /etc/openshift/cluster_priv.pem file is intended for configuration of the OpenShift distributed application platform, and must not be edited by users with local access to the broker. The /etc/openshift/cluster_priv.pem file is a system file, not a user file, and therefore has weak permissions. Red Hat recommends that the /etc/openshift/cluster_priv.pem file be backed up and accessible only by root users. If the broker is using a public cloud, such as Amazon Web Services, Red Hat recommends that the /etc/openshift/cluster_priv.pem be backed up and accessible only by root users.

Timeline

Published on: 10/19/2022 18:15:00 UTC
Last modified on: 10/21/2022 17:06:00 UTC

References

• https://github.com/openshift/openshift-extras/blob/enterprise-2.0/README.md#security-notice
• https://www.openwall.com/lists/oss-security/2014/06/05/19
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4281