Back to bug 2081181
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Sage McTaggart | 2022-05-09 16:50:03 UTC | Alias | CVE-2022-1632 | |
| Summary | Openshift: ClusterIP Service TLS certificate not checked by route controller if re-encrypt Route destinationCACertificate field is explicitly set to default serviceCA | CVE-2022-1632 Openshift: ClusterIP Service TLS certificate not checked by route controller if re-encrypt Route destinationCACertificate field is explicitly set to default serviceCA | ||
| Sage McTaggart | 2022-05-09 16:50:39 UTC | CC | bcoca, chousekn, cmeyers, davidn, gblomqui, igor.raits, infra-sig, jcammara, jhardy, jobarker, mabashia, notting, osapryki, relrod, rpetrell, sdoran, smcdonal, tkuratom | |
| Sage McTaggart | 2022-05-09 16:57:31 UTC | Doc Text | An Improper Certificate Validation attack was discovered in Openshift. A re-encrypt Route with destinationCACertificate explicitly set to the default serviceCA skips internal Service TLS certificate validation, which an attacker could exploit with an invalid certificate. This could result in a loss of confidentiality. | |
| Sage McTaggart | 2022-05-09 16:57:48 UTC | Depends On | 2083321, 2083320 | |
| RaTasha Tillery-Smith | 2022-05-10 12:23:34 UTC | Doc Text | An Improper Certificate Validation attack was discovered in Openshift. A re-encrypt Route with destinationCACertificate explicitly set to the default serviceCA skips internal Service TLS certificate validation, which an attacker could exploit with an invalid certificate. This could result in a loss of confidentiality. | An Improper Certificate Validation attack was found in Openshift. A re-encrypt Route with destinationCACertificate explicitly set to the default serviceCA skips internal Service TLS certificate validation. This flaw allows an attacker to exploit an invalid certificate, resulting in a loss of confidentiality. |
| CC | vkumar | |||
| Kaushal Sathe | 2022-05-10 12:53:41 UTC | CC | ksathe | |
| pbunev | 2022-06-03 07:37:01 UTC | CC | pbunev | |
| Vipul Nair | 2022-06-06 12:15:08 UTC | Depends On | 2093936 | |
| Kaushal Sathe | 2022-06-06 15:07:44 UTC | Flags | needinfo?(security-response-team) | |
| CC | security-response-team | |||
| Product Security DevOps Team | 2022-06-06 17:49:00 UTC | CC | amctagga | |
| Flags | needinfo?(security-response-team) | needinfo?(amctagga) | ||
| Sage McTaggart | 2022-06-09 21:46:18 UTC | Flags | needinfo?(amctagga) | |
| Kaushal Sathe | 2022-06-10 12:53:21 UTC | Flags | needinfo?(amctagga) | |
| Sage McTaggart | 2022-06-17 17:13:11 UTC | Flags | needinfo?(amctagga) | |
| Sage McTaggart | 2022-07-19 17:41:41 UTC | Flags | needinfo?(ksathe) | |
| Sage McTaggart | 2022-07-20 20:29:18 UTC | Depends On | 2109273 | |
| Igor Raits | 2022-08-30 12:14:15 UTC | CC | igor.raits | |
| Kaushal Sathe | 2022-11-25 02:39:42 UTC | Flags | needinfo?(ksathe) | |
| Kaushal Sathe | 2022-12-06 04:37:13 UTC | Link ID | Red Hat Knowledge Base (Solution) 6989132 | |
| Shailendra Singh | 2022-12-06 17:51:07 UTC | CC | shaising | |
| Sage McTaggart | 2022-12-06 22:06:27 UTC | CC | adudiak, kshier, stcannon, tfister, yguenane | |
| Red Hat Bugzilla | 2023-01-01 05:32:53 UTC | CC | amctagga | |
| Red Hat Bugzilla | 2023-02-15 18:47:32 UTC | CC | ksathe | |
| Red Hat Bugzilla | 2023-03-29 23:17:19 UTC | CC | lhinds | |
| Red Hat Bugzilla | 2023-04-29 08:27:57 UTC | CC | sttts | |
| Red Hat Bugzilla | 2023-07-07 08:35:48 UTC | Assignee | security-response-team | nobody |
| CC | security-response-team |
Back to bug 2081181