Bug 964013 - CVE-2013-2103 OpenShift cartridge: remote URL retrieval
Product: Security Response
Classification: Other
Component: vulnerability
Platform: All Linux
Priority: medium
Severity: medium
Assigned To: Red Hat Product Security
Depends On: 963607 964015 964016
Blocks: 964014
Reported: 2013-05-17 00:28 EDT by Kurt Seifried
Modified: 2015-07-23 10:51 EDT
Last Closed: 2014-06-25 03:51:04 EDT
Description Kurt Seifried 2013-05-17 00:28:53 EDT
Jeremy Choi (jechoi@redhat.com) reports:

Requests to the /broker/rest/domains/dom/applications OpenShift components
include a URL that points to a cartridge file to be loaded. Requests are not
restricted and can be sent to any host, and no rate limiting is placed on the
number or rate of requests. This can be used to download a large amount of
information or to potentially bypass firewall rules as the requests would
originate from the OpenShift server.
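A defensive counterpart to the two gaps the report names (an unrestricted destination host and no rate limiting), written here as an added example and not OpenShift's own code: the allowlisted host, blocked address ranges and limits are assumptions, and the resolver is injectable so the check can run offline.

```ruby
require 'uri'
require 'ipaddr'
require 'resolv'

# Hypothetical validator for a user-supplied cartridge URL (added example).
# The allowlist and blocked ranges below are assumptions, not OpenShift settings.
ALLOWED_SCHEMES = %w[https].freeze
ALLOWED_HOSTS   = %w[cartridges.example.com].freeze # constructed allowlist
BLOCKED_RANGES  = %w[127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16
                     169.254.0.0/16 0.0.0.0/8 ::1/128 fc00::/7 fe80::/10].map { |c| IPAddr.new(c) }

class CartridgeUrlError < StandardError; end

# Returns the parsed URI when it is acceptable, raises CartridgeUrlError otherwise.
# `resolver` is injectable so the check runs without network access in tests.
def validate_cartridge_url(raw, resolver: ->(h) { Resolv.getaddresses(h) })
  uri = URI.parse(raw.to_s)
  raise CartridgeUrlError, 'scheme not allowed' unless ALLOWED_SCHEMES.include?(uri.scheme)
  raise CartridgeUrlError, 'missing host' if uri.host.nil? || uri.host.empty?
  raise CartridgeUrlError, 'userinfo not allowed' if uri.userinfo
  raise CartridgeUrlError, 'host not on allowlist' unless ALLOWED_HOSTS.include?(uri.host.downcase)
  # Even an allowlisted name must not resolve to an internal address (misconfigured or hijacked DNS).
  addrs = resolver.call(uri.host)
  raise CartridgeUrlError, 'host did not resolve' if addrs.empty?
  addrs.each do |a|
    ip = IPAddr.new(a)
    raise CartridgeUrlError, "resolves to internal address #{a}" if BLOCKED_RANGES.any? { |r| r.include?(ip) }
  end
  uri
rescue URI::InvalidURIError
  raise CartridgeUrlError, 'malformed URL'
end

# Fixed-window rate limiter keyed by the requesting user, capping how many
# cartridge fetches the broker performs on anyone's behalf per window.
class FetchRateLimiter
  def initialize(limit:, window_seconds:, clock: -> { Time.now.to_i })
    @limit, @window, @clock, @hits = limit, window_seconds, clock, Hash.new { |h, k| h[k] = [] }
  end

  def allow?(key)
    now = @clock.call
    @hits[key].delete_if { |t| t <= now - @window } # drop hits outside the window
    return false if @hits[key].size >= @limit
    @hits[key] << now
    true
  end
end
```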
Comment 3 Kurt Seifried 2014-06-25 03:51:04 EDT

Red Hat OpenShift Enterprise 1.2 is now in Production 1 Phase of the support
and maintenance life cycle. This has been rated as having Moderate security
impact and is not currently planned to be addressed in future updates. For
additional information, refer to the Red Hat OpenShift Enterprise Life Cycle:
