CVE-2016-3738

HIGH

Red Hat OpenShift Enterprise 3.2 does not properly restrict access to STI builds, which allows remote authenticated users to access the Docker socket and gain privileges via vectors related to build-pod.

CVSS v3.0 Score

8.8

/ 10.0

HIGH

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Information

Published: 8 juin 2016
Updated: 6 mai 2026
Status: Modified
Source: secalert@redhat.com

Affected products

redhat openshift

Versions : 3.2

Weaknesses (CWE)

CWE-264

References (2)

https://access.redhat.com/errata/RHSA-2016:1094
Vendor Advisory
https://access.redhat.com/errata/RHSA-2016:1094
Vendor Advisory

Similar CVEs

Other vulnerabilities of type CWE-264

Loading…

Monitor your products

Get automatic alerts for every new CVE affecting your equipment.

Enable monitoring