CVE-2014-0233

Red Hat OpenShift <2.2 - Command Injection

Title source: llm
STIX 2.1

Description

Red Hat OpenShift Enterprise 2.0 and 2.1 and OpenShift Origin allow remote authenticated users to execute arbitrary commands via shell metacharacters in a directory name that is referenced by a cartridge using the file: URI scheme.

References (3)

Core 3
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2014-0530.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2014-0529.html

Scores

EPSS 0.0173
EPSS Percentile 74.8%

Details

CWE
CWE-94
Status published
Products (2)
redhat/openshift 2.0
redhat/openshift 2.1
Published Nov 16, 2014
Tracked Since Feb 18, 2026