Headline

CVE-2014-0188: Red Hat Customer Portal - Access to 24x7 support and knowledge

The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to a passthrough trigger.

10 years ago

CVE

Open in Source

#vulnerability #web #linux #red_hat #nodejs #js #java #kubernetes #perl #aws #auth #ruby

Skip to navigation Skip to main content

Utilities

Subscriptions
Downloads
Containers
Support Cases

Infrastructure and Management

Red Hat Enterprise Linux
Red Hat Virtualization
Red Hat Identity Management
Red Hat Directory Server
Red Hat Certificate System
Red Hat Satellite
Red Hat Subscription Management
Red Hat Update Infrastructure
Red Hat Insights
Red Hat Ansible Automation Platform

Cloud Computing

Red Hat OpenShift
Red Hat CloudForms
Red Hat OpenStack Platform
Red Hat OpenShift Container Platform
Red Hat OpenShift Data Science
Red Hat OpenShift Online
Red Hat OpenShift Dedicated
Red Hat Advanced Cluster Security for Kubernetes
Red Hat Advanced Cluster Management for Kubernetes
Red Hat Quay
OpenShift Dev Spaces
Red Hat OpenShift Service on AWS

Storage

Red Hat Gluster Storage
Red Hat Hyperconverged Infrastructure
Red Hat Ceph Storage
Red Hat OpenShift Data Foundation

Runtimes

Red Hat Runtimes
Red Hat JBoss Enterprise Application Platform
Red Hat Data Grid
Red Hat JBoss Web Server
Red Hat Single Sign On
Red Hat support for Spring Boot
Red Hat build of Node.js
Red Hat build of Thorntail
Red Hat build of Eclipse Vert.x
Red Hat build of OpenJDK
Red Hat build of Quarkus

Integration and Automation

Red Hat Process Automation
Red Hat Process Automation Manager
Red Hat Decision Manager

All Products

Issued:

2014-04-23

Updated:

2014-04-23

RHSA-2014:0423 - Security Advisory

Overview
Updated Packages

Synopsis

Critical: openshift-origin-broker security update

Type/Severity

Security Advisory: Critical

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated openshift-origin-broker and
rubygem-openshift-origin-auth-remote-user packages that fix one security
issue are now available for Red Hat OpenShift Enterprise 2.0.5.

The Red Hat Security Response Team has rated this update as having Critical
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

Description

The openshift-origin-broker package provides the OpenShift Broker service
that manages all user logins, DNS name resolution, application states, and
general orchestration of the applications.

The rubygem-openshift-origin-auth-remote-user package provides the remote
user authentication plug-in.

A flaw was found in the way openshift-origin-broker handled authentication
requests via the remote user authentication plug-in. A remote attacker able
to submit a request to openshift-origin-broker could set the X-Remote-User
header, and send the request to a passthrough trigger, resulting in a
bypass of the authentication checks to gain access to any OpenShift user
account on the system. (CVE-2014-0188)

All users of Red Hat OpenShift Enterprise 2.0.5 are advised to upgrade to
these updated packages, which contain a backported patch to correct this
issue. After installing the updated packages, restart the httpd daemon for
this update to take effect.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258

Affected Products