CVE-2014-0188

Impact:
Critical
Public Date:
2014-04-23
IAVA:
2015-B-0007
CWE:
CWE-592
Bugzilla:
1090120: CVE-2014-0188 OpenShift: openshift-origin-broker plugin allows impersonation

The MITRE CVE dictionary describes this issue as:

The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to a passthrough trigger.

Find out more about CVE-2014-0188 from the MITRE CVE dictionary dictionary and NIST NVD.

CVSS v2 metrics

Base Score 7.5
Base Metrics AV:N/AC:L/Au:N/C:P/I:P/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial

Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).

Red Hat Security Errata

Platform Errata Release Date
RHOSE Client 1.2 (openshift-origin-broker) RHSA-2014:0422 2014-04-23
RHOSE Client 2.0 (openshift-origin-broker) RHSA-2014:0423 2014-04-23

Affected Packages State

Platform Package State
Red Hat OpenShift Enterprise 1 enshift-origin-broker Affected

Mitigation

add this in the host httpd conf global config, e.g. at the
end of /etc/httpd/conf.d/000002_openshift_origin_broker_proxy.conf:

RequestHeader unset X-Remote-User

Last Modified

CVE description copyright © 2017, The MITRE Corporation