Vulnerability Details : CVE-2014-3496
cartridge_repository.rb in OpenShift Origin and Enterprise 1.2.8 through 2.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in a Source-Url ending with a (1) .tar.gz, (2) .zip, (3) .tgz, or (4) .tar file extension in a cartridge manifest file.
Products affected by CVE-2014-3496
- cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift:2.1:*:*:*:enterprise:*:*:*
- cpe:2.3:a:redhat:openshift:2.0.5:*:enterprise:*:*:*:*:*
- cpe:2.3:a:redhat:openshift:2.0.4:*:enterprise:*:*:*:*:*
- cpe:2.3:a:redhat:openshift:1.2.8:*:*:*:enterprise:*:*:*
- cpe:2.3:a:redhat:openshift:2.1.1:*:*:*:enterprise:*:*:*
- cpe:2.3:a:redhat:openshift:2.0.6:*:*:*:enterprise:*:*:*
- cpe:2.3:a:redhat:openshift:2.0.1:*:enterprise:*:*:*:*:*
- cpe:2.3:a:redhat:openshift:2.0.2:*:enterprise:*:*:*:*:*
- cpe:2.3:a:redhat:openshift:2.0.3:*:enterprise:*:*:*:*:*
- cpe:2.3:a:redhat:openshift_origin:2.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift_origin:2.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift_origin:1.2.8:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2014-3496
1.19%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 85 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2014-3496
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
CWE ids for CVE-2014-3496
-
The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-3496
-
http://rhn.redhat.com/errata/RHSA-2014-0764.html
RHSA-2014:0764 - Security Advisory - Red Hat Customer Portal
-
https://bugzilla.redhat.com/show_bug.cgi?id=1110470
1110470 – (CVE-2014-3496) CVE-2014-3496 OpenShift Origin: Command execution as root via downloadable cartridge source-url
-
http://rhn.redhat.com/errata/RHSA-2014-0762.html
RHSA-2014:0762 - Security Advisory - Red Hat Customer Portal
-
https://github.com/openshift/origin-server/pull/5521
[TO_STAGE] Bug 1110283 - Escape Source-Url during clone/copy by jwhonce · Pull Request #5521 · openshift/origin-server · GitHub
-
http://secunia.com/advisories/59298
Sign in
-
http://rhn.redhat.com/errata/RHSA-2014-0763.html
RHSA-2014:0763 - Security Advisory - Red Hat Customer Portal
Jump to