CVE-2013-4281

In Red Hat Openshift 1, weak default permissions are applied to the /etc/openshift/server_priv.pem file on the broker server, which could allow users with local access to the broker to read this file.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
redhatCNA
---
---
CVEADP
---
---
CISA-ADPADP
5.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 3%
VendorProductVersion
redhatopenshift
1.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/openshift/openshift-extras/blob/enterprise-2.0/README.md#security-notice
https://www.openwall.com/lists/oss-security/2014/06/05/19
https://github.com/openshift/openshift-extras/blob/enterprise-2.0/README.md#security-notice
https://www.openwall.com/lists/oss-security/2014/06/05/19