CVE-2015-5274

Loading...

General

Score:6.5/10.0
Severity:Medium
Category:Command Injection

Impact Metrics

Confidentiality:Partial
Integrity:Partial
Availability:Partial

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:Single

Published on 18/09/15 - Updated on 22/09/15

Description

rubygem-openshift-origin-console in Red Hat OpenShift 2.2 allows remote authenticated users to execute arbitrary commands via a crafted request to the Broker.

Category: Command Injection

CWE-77 (Command Injection)
The software constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.

Security Notices

US National Vulnerability DatabaseCVE-2015-5274

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
redhatopenshift

Share this vulnerability with:

Twitter Facebook LinkedIn Mail