CVE-2018-1070
MEDIUMOpenShift Container Platform < 3.10 - Denial of Service via Routing Configuration
Title source: llmDescription
routing before version 3.10 is vulnerable to an improper input validation of the Openshift Routing configuration which can cause an entire shard to be brought down. A malicious user can use this vulnerability to cause a Denial of Service attack for other users of the router shard.
References (2)
Core 2
Core References
Third Party Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:2013
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1070
Scores
CVSS v3
6.5
EPSS
0.0086
EPSS Percentile
54.0%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (1)
redhat/openshift_container_platform
< 3.10
Published
Jun 12, 2018
Tracked Since
Feb 18, 2026