Unrated severityNVD Advisory· Published Mar 19, 2021· Updated Aug 4, 2024
CVE-2019-10225
CVE-2019-10225
Description
A flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey. An attacker with basic-user permissions is able to obtain the value of restuserkey, and use it to authenticate to the GlusterFS REST service, gaining access to read, and modify files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- atomic-openshift/openshiftdescription
- Range: =4.2
Patches
Vulnerability mechanics
References
1- bugzilla.redhat.com/show_bug.cgimitrex_refsource_MISC
News mentions
0No linked articles in our index yet.