Bug 1262518 (CVE-2015-5274)

Summary: CVE-2015-5274 OpenShift 2.2: API command injection vulnerability
Product: [Other] Security Response
Reporter: Kurt Seifried <kseifried>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA
Severity: high
Priority: high
Version: unspecified
CC: bleanhar, ccoleman, dmcphers, jdetiber, jialiu, jkeck, joelsmith, jokerman, kseifried, lmeyer, mmasters, mmccomas, security-response-team
Keywords: Security
Hardware: All
OS: Linux
Doc Type: Bug Fix
Doc Text:
A command injection flaw was found in the OpenShift Origin Management Console. A remote, authenticated user permitted to send requests to the Broker could use this flaw to execute arbitrary commands with elevated privileges on the Red Hat OpenShift server.
Last Closed: 2015-09-16 19:44:38 UTC
Bug Depends On: 1262519, 1262520
Bug Blocks: 1262521

Description Kurt Seifried 2015-09-12 04:34:12 UTC
It is reported that a command injection flaw exists in OpenShift's Broker API 
which can lead to arbitrary code execution within the OpenShift Broker. This 
issue can only be exploited by authenticated OpenShift users with access to 
connect to the broker (e.g. to start cartridge and gear instances). OpenShift 
version 3 is not affected.
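
The bug class named in this report, shown as an added illustration in Ruby (the Broker's language). This is not OpenShift Broker code and the report does not show the affected handler; the function names, the gear-name parameter and the use of `echo` as a stand-in command are assumptions so the block runs offline. The vulnerable form hands a string built from request input to /bin/sh; the hardened form allow-lists the identifier and runs the command in argv form, which never involves a shell:

```ruby
# Added illustration of the command-injection bug class this report describes.
# It is NOT the OpenShift Broker's code: the handler names, the gear-name
# parameter and `echo` as the stand-in command are assumptions.
require 'open3'

# --- vulnerable pattern ----------------------------------------------------
# The request parameter is interpolated into a command string. The
# single-string form of Open3 / Kernel#system / backticks hands that string
# to /bin/sh, so ';', '|', '$(...)' in the parameter become shell syntax.
def build_shell_command(gear_name)
  "echo gear #{gear_name}"
end

def run_vulnerable(gear_name)
  out, _status = Open3.capture2e(build_shell_command(gear_name))
  out
end

# --- argv form: no shell ---------------------------------------------------
# With the multi-argument form Ruby execs the program directly with the given
# argv, so the parameter reaches the command as one literal argument.
def run_argv(gear_name)
  out, _status = Open3.capture2e('echo', 'gear', gear_name)
  out
end

# --- hardened handler: allow-list, then argv form --------------------------
# Gear/app identifiers have a narrow legal syntax (assumed here), so reject
# anything else before it reaches a command at all. The allow-list also stops
# values the target program itself would misparse, e.g. one starting with '-'.
GEAR_NAME_RE = /\A[a-z0-9]{1,32}\z/

def safe_gear_name?(name)
  name.is_a?(String) && GEAR_NAME_RE.match?(name)
end

def run_hardened(gear_name)
  unless safe_gear_name?(gear_name)
    raise ArgumentError, "invalid gear name: #{gear_name.inspect}"
  end
  out, _status = Open3.capture2e('echo', 'gear', gear_name)
  out
end

if __FILE__ == $PROGRAM_NAME
  # Constructed attacker input: a plausible prefix followed by a second command.
  payload = 'x; echo INJECTED'
  puts "vulnerable: #{run_vulnerable(payload).inspect}" # second command ran
  puts "argv only:  #{run_argv(payload).inspect}"       # one literal argument
  begin
    run_hardened(payload)
  rescue ArgumentError => e
    puts "hardened:   rejected (#{e.message})"
  end
  puts "hardened:   #{run_hardened('app01').inspect}"
end
```

The argv form alone is enough to keep the shell out of the picture; the allow-list is the second layer that makes the request fail loudly instead of passing attacker-controlled text to any program. Escaping with `Shellwords.escape` is a weaker third option that keeps the shell in the loop. The "elevated privileges" in the Doc Text follow from the fact that whatever the command string becomes runs under the service account the Broker process itself runs as.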

Comment 3 errata-xmlrpc 2015-09-16 19:06:27 UTC
This issue has been addressed in the following products:

  RHEL 6 Version of OpenShift Enterprise 2.2

Via RHSA-2015:1808 https://rhn.redhat.com/errata/RHSA-2015-1808.html