Vulnerability Description
Cross-site request forgery (CSRF) vulnerability in the management console (openshift-console/app/controllers/application_controller.rb) in OpenShift 0.0.5 allows remote attackers to hijack the authentication of arbitrary users via unspecified vectors.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Redhat | Openshift | 0.0.5 |
Related Weaknesses (CWE)
References
- http://osvdb.org/88333
- http://rhn.redhat.com/errata/RHSA-2012-1555.htmlVendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=883227
- https://github.com/openshift/origin-server/commit/1ad0d1d792395306b59a34ad7b6e7ePatch
- https://github.com/openshift/origin-server/pull/1009
- http://osvdb.org/88333
- http://rhn.redhat.com/errata/RHSA-2012-1555.htmlVendor Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=883227
- https://github.com/openshift/origin-server/commit/1ad0d1d792395306b59a34ad7b6e7ePatch
- https://github.com/openshift/origin-server/pull/1009
FAQ
What is CVE-2012-5622?
CVE-2012-5622 is a vulnerability with a CVSS score of 6.8 (MEDIUM). Cross-site request forgery (CSRF) vulnerability in the management console (openshift-console/app/controllers/application_controller.rb) in OpenShift 0.0.5 allows remote attackers to hijack the authent...
How severe is CVE-2012-5622?
CVE-2012-5622 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2012-5622?
Check the references section above for vendor advisories and patch information. Affected products include: Redhat Openshift.