CVE Vulnerabilities

CVE-2012-5658

Published: Feb 24, 2013 | Modified: Feb 26, 2013
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
2.1 MODERATE
AV:L/AC:L/Au:N/C:P/I:N/A:N
RedHat/V3
Ubuntu

rhc-chk.rb in Red Hat OpenShift Origin before 1.1, when -d (debug mode) is used, outputs the password and other sensitive information in cleartext, which allows context-dependent attackers to obtain sensitive information, as demonstrated by including log files or Bugzilla reports in support channels.

Affected Software

Name Vendor Start Version End Version
Openshift Redhat * 1.0
Openshift_origin Redhat 1.0.5 1.0.5
RHEL 6 Version of OpenShift Enterprise RedHat jenkins-0:1.498-1.1.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat mongodb-0:2.0.2-6.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat openshift-console-0:0.0.13-2.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat openshift-origin-broker-0:1.0.10-1.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat openshift-origin-broker-util-0:1.0.14-1.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat openshift-origin-cartridge-haproxy-1.4-0:1.0.3-1.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat openshift-origin-cartridge-ruby-1.8-0:1.0.5-1.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat openshift-origin-cartridge-ruby-1.9-scl-0:1.0.5-1.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat openshift-origin-msg-node-mcollective-0:1.0.2-1.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat openshift-origin-node-util-0:1.0.7-1.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat openshift-origin-port-proxy-0:1.0.3-1.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat rhc-0:1.3.2-1.3.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat ruby193-rubygem-activerecord-1:3.2.8-2.el6 *
RHEL 6 Version of OpenShift Enterprise RedHat ruby193-rubygem-passenger-0:3.0.12-21.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat rubygem-activerecord-1:3.0.13-3.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat rubygem-openshift-origin-auth-remote-user-0:1.0.4-2.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat rubygem-openshift-origin-common-0:1.0.2-1.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat rubygem-openshift-origin-console-0:1.0.6-1.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat rubygem-openshift-origin-controller-0:1.0.11-1.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat rubygem-openshift-origin-dns-bind-0:1.0.2-1.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat rubygem-openshift-origin-msg-broker-mcollective-0:1.0.4-1.el6op *
RHEL 6 Version of OpenShift Enterprise RedHat rubygem-openshift-origin-node-0:1.0.10-6.el6op *

References