It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate.
Weakness
The product does not validate, or incorrectly validates, a certificate.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Kubernetes | Kubernetes | - (including) | - (including) |
| Red Hat OpenShift Container Platform 3.2 | RedHat | atomic-openshift-0:3.2.1.17-1.git.0.6d01b60.el7 | * |
| Red Hat OpenShift Container Platform 3.3 | RedHat | atomic-openshift-0:3.3.0.35-1.git.0.d7bd9b6.el7 | * |
| Red Hat OpenShift Enterprise 3.1 | RedHat | atomic-openshift-0:3.1.1.8-1.git.0.d469026.el7aos | * |
| Kubernetes | Ubuntu | focal | * |
| Kubernetes | Ubuntu | groovy | * |
| Kubernetes | Ubuntu | hirsute | * |
| Kubernetes | Ubuntu | impish | * |
| Kubernetes | Ubuntu | kinetic | * |
| Kubernetes | Ubuntu | lunar | * |
| Kubernetes | Ubuntu | mantic | * |
| Kubernetes | Ubuntu | oracular | * |
Potential Mitigations
Related Attack Patterns
References
- https://access.redhat.com/errata/RHSA-2016:2064
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7075
- https://github.com/kubernetes/kubernetes/issues/34517
- https://access.redhat.com/errata/RHSA-2016:2064
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7075
- https://github.com/kubernetes/kubernetes/issues/34517