{"containers": {"cna": {"affected": [{"product": "openshift-ansible", "vendor": "Red Hat", "versions": [{"status": "affected", "version": "openshift-ansible-3.11"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in openshift-ansible. OpenShift Container Platform (OCP) 3.11 is too permissive in the way it specified CORS allowed origins during installation. An attacker, able to man-in-the-middle the connection between the user's browser and the openshift console, could use this flaw to perform a phishing attack. The main threat from this vulnerability is data confidentiality."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-185", "description": "CWE-185", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-04-24T18:34:07", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1741"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T06:46:30.884Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1741"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-1741", "datePublished": "2020-04-24T18:34:07", "dateReserved": "2019-11-27T00:00:00", "dateUpdated": "2024-08-04T06:46:30.884Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "matchCriteriaId": "2F87326E-0B56-4356-A889-73D026DB1D4B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in openshift-ansible. OpenShift Container Platform (OCP) 3.11 is too permissive in the way it specified CORS allowed origins during installation. An attacker, able to man-in-the-middle the connection between the user's browser and the openshift console, could use this flaw to perform a phishing attack. The main threat from this vulnerability is data confidentiality."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo en openshift-ansible. OpenShift Container Platform (OCP) versi\u00f3n 3.11 es muy permisivo en la manera en que especific\u00f3 los or\u00edgenes permitidos por CORS durante la instalaci\u00f3n. Un atacante, capaz de realizar un ataque de tipo man-in-the-middle en la conexi\u00f3n entre el navegador del usuario y la consola de OpenShift, podr\u00eda usar este fallo para llevar a cabo un ataque de phishing. La principal amenaza de esta vulnerabilidad es la confidencialidad de los datos."}], "id": "CVE-2020-1741", "lastModified": "2023-02-12T23:40:34.717", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 4.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 4.2, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2020-04-24T19:15:12.880", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1741"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-185"}], "source": "secalert@redhat.com", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-697"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2020:3541", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "openshift-ansible-0:3.11.272-1.git.0.79ab6e9.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-08-27T00:00:00Z"}], "bugzilla": {"description": "openshift-ansible: cors allowed origin allows changing url protocol", "id": "1802381", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1802381"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.9", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N", "status": "verified"}, "cwe": "CWE-185", "details": ["A flaw was found in openshift-ansible. OpenShift Container Platform (OCP) 3.11 is too permissive in the way it specified CORS allowed origins during installation. An attacker, able to man-in-the-middle the connection between the user's browser and the openshift console, could use this flaw to perform a phishing attack. The main threat from this vulnerability is data confidentiality.", "A flaw was found in openshift-ansible. OpenShift Container Platform (OCP) 3.11 is too permissive in the way it specified CORS allowed origins during installation. An attacker, able to man-in-the-middle the connection between the user's browser and the openshift console, could use this flaw to perform a phishing attack. The main threat from this vulnerability is data confidentiality."], "mitigation": {"lang": "en:us", "value": "Ensure that the corsAllowedOrigin definition within master-config.yaml contains elements in the form \n~~~\ncorsAllowedOrigins:\n- ^(?i)https://my\\.subdomain\\.domain\\.com(:|\\z)\n~~~\nand not the form\n~~~\ncorsAllowedOrigins:\n- (?i)//my\\.subdomain\\.domain\\.com(:|\\z)\n~~~\nas the first will permit cross origin requests only if the host and protocol matches, whereas the second will permit a downgrade to http protocol for example."}, "name": "CVE-2020-1741", "package_state": [{"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openshift4/ose-hypershift", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2020-03-13T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-1741\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-1741"], "threat_severity": "Low"}