Bug 2148667 (CVE-2022-4145) - CVE-2022-4145 openshift: content spoofing
Summary: CVE-2022-4145 openshift: content spoofing
Keywords:
Status: NEW
Alias: CVE-2022-4145
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: low
Severity: low
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 2142217
Reported: 2022-11-26 22:18 UTC by Nick Tait
Modified: 2023-10-05 06:02 UTC (History)
3 users

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A content spoofing flaw was found in OpenShift's OAuth endpoint. This flaw allows a remote, unauthenticated attacker to inject text into a webpage, enabling the obfuscation of a phishing operation.
Clone Of:
Environment:
Last Closed:
Embargoed:


Description Nick Tait 2022-11-26 22:18:48 UTC
There is a content spoofing flaw in OpenShift's OAuth endpoint (https://oauth.openshift.apps.HOSTNAME.com): spoofing an error_description query param results in the error message coming back in the OpenShift response JSON. For example, this URL:

https://oauth-openshift.apps.jmazziteos4.lab.upshift.rdu2.redhat.com/error_description=An%20error%20occurred,%20to%20correct%20please%20visit%20http://dr.evil.com%20or%20call%20the%20number%20081337

shows an error message that includes the text injected by the attacker: "An error occurred, to correct please visit http://dr.evil.com or call the number 081337"
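The pattern behind this report, as an added example that is not part of the bug report or of OpenShift's own code: an OAuth error page that echoes the client-supplied `error_description` back verbatim hands the attacker control over the wording the victim reads, whereas a handler that treats the query only as a lookup key into server-owned messages cannot be made to say anything it did not ship with. Handler names, the `ErrorResponse` field names, the message table and the sample query are all assumptions constructed for this illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
	"net/url"
)

// ErrorResponse is a constructed OAuth-style error body; the real server's
// field names are an assumption here.
type ErrorResponse struct {
	Error            string `json:"error"`
	ErrorDescription string `json:"error_description"`
}

// reflectingHandler reproduces the weak pattern: whatever the client put in
// error_description is written back unchanged, so a crafted link decides what
// the victim is told.
func reflectingHandler(w http.ResponseWriter, r *http.Request) {
	q := r.URL.Query()
	w.Header().Set("Content-Type", "application/json")
	json.NewEncoder(w).Encode(ErrorResponse{
		Error:            q.Get("error"),
		ErrorDescription: q.Get("error_description"),
	})
}

// knownErrors maps the fixed RFC 6749 error codes to wording the server owns.
// Only these strings can ever reach the page, regardless of the query.
var knownErrors = map[string]string{
	"invalid_request":           "The authorization request was malformed.",
	"unauthorized_client":       "This client is not allowed to use this grant.",
	"access_denied":             "The authorization request was denied.",
	"unsupported_response_type": "The requested response type is not supported.",
	"invalid_scope":             "The requested scope is invalid or unknown.",
	"server_error":              "An unexpected error occurred during authentication.",
	"temporarily_unavailable":   "The authorization server is temporarily unavailable.",
}

// safeDescription uses the query only as a key: an unknown or missing code
// collapses to the generic server_error text, and error_description from the
// client is never consulted.
func safeDescription(q url.Values) (code, desc string) {
	code = q.Get("error")
	desc, ok := knownErrors[code]
	if !ok {
		return "server_error", knownErrors["server_error"]
	}
	return code, desc
}

// allowlistHandler is the hardened counterpart of reflectingHandler.
func allowlistHandler(w http.ResponseWriter, r *http.Request) {
	code, desc := safeDescription(r.URL.Query())
	w.Header().Set("Content-Type", "application/json")
	json.NewEncoder(w).Encode(ErrorResponse{Error: code, ErrorDescription: desc})
}

// bodyFor drives a handler with a raw query string and decodes the JSON it
// produced, so both variants can be compared on the same input.
func bodyFor(h http.HandlerFunc, rawQuery string) ErrorResponse {
	req := httptest.NewRequest(http.MethodGet, "/oauth/error?"+rawQuery, nil)
	rec := httptest.NewRecorder()
	h(rec, req)
	var out ErrorResponse
	_ = json.NewDecoder(rec.Body).Decode(&out)
	return out
}

// constructedQuery is a made-up request in the shape the report describes:
// a valid error code plus attacker-chosen descriptive text.
var constructedQuery = "error=access_denied&error_description=" +
	url.QueryEscape("Please visit https://example.invalid to restore access")

func main() {
	fmt.Printf("reflecting: %+v\n", bodyFor(reflectingHandler, constructedQuery))
	fmt.Printf("allowlist:  %+v\n", bodyFor(allowlistHandler, constructedQuery))
}
```

The decisive design choice is that the hardened handler never reads `error_description` at all: the response text is selected, not copied, so there is no encoding or filtering step left to get wrong.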
