A vulnerability was found in Openshift Container Platform (Virtualization Software) (version unknown). It has been classified as problematic. Affected is an unknown function of the component OAuth Token Handler. The manipulation with an unknown input leads to a cleartext storage vulnerability. CWE is classifying the issue as CWE-312. The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere. This is going to have an impact on confidentiality. CVE summarizes:

A flaw was found in OpenShift Container Platform where OAuth tokens are not encrypted when the encryption of data at rest is enabled. This flaw allows an attacker with access to a backup to obtain OAuth tokens and then use them to log into the cluster as any user who logged into the cluster via the WebUI or via the command line in the last 24 hours. Once the backup is older than 24 hours the OAuth tokens are no longer valid.

The weakness was disclosed 05/12/2020 as not defined bug report (Bugzilla). The advisory is available at bugzilla.redhat.com. This vulnerability is traded as CVE-2020-10706 since 03/20/2020. The exploitability is told to be difficult. Local access is required to approach this attack. The successful exploitation requires a authentication. The technical details are unknown and an exploit is not available. This vulnerability is assigned to T1555 by the MITRE ATT&CK project.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Productinfo

Type

• Virtualization Software

Vendor

• Openshift

Name

• Container Platform

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion