CVE-2013-4561

CRITICAL

OpenShift - Info Disclosure

Title source: llm

Description

In a openshift node, there is a cron job to update mcollective facts that mishandles a temporary file. This may lead to loss of confidentiality and integrity.

References (2)

[Exploit, Issue Tracking, Vendor Advisory] https://bugzilla.redhat.com/show_bug.cgi?id=1029652

[Patch, Third Party Advisory] https://github.com/openshift/origin-server/commit/f1abe972794e35a4bfba597694ce829990f14d39

View Patch ZIP pw:eip

Scores

CVSS v3 9.1

EPSS 0.0023

EPSS Percentile 45.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Classification

CWE

CWE-377 CWE-668

Status published

Affected Products (1)

redhat/openshift

Timeline

Published Jun 30, 2022

Tracked Since Feb 18, 2026