7.5
CVE-2012-5646
- EPSS 2.2%
- Veröffentlicht 24.02.2013 21:55:00
- Zuletzt bearbeitet 29.04.2026 01:13:23
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
node-util/www/html/restorer.php in the Red Hat OpenShift Origin before 1.0.5-3 allows remote attackers to execute arbitrary commands via a crafted uuid in the PATH_INFO.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Openshift Origin Version <= 1.0.5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.2% | 0.803 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 10 | 6.4 |
AV:N/AC:L/Au:N/C:P/I:P/A:P
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://rhn.redhat.com/errata/RHSA-2013-0148.html
http://www.osvdb.org/89431
http://www.securityfocus.com/bid/57189
https://bugzilla.redhat.com/show_bug.cgi?id=888518
https://github.com/openshift/origin-server/commit/32564a0839b1517d762afab2013c26c0959bac00
https://github.com/openshift/origin-server/pull/1017