Unrated severityNVD Advisory· Published Jun 12, 2020· Updated Aug 4, 2024
CVE-2020-10752
CVE-2020-10752
Description
A flaw was found in the OpenShift API Server, where it failed to sufficiently protect OAuthTokens by leaking them into the logs when an API Server panic occurred. This flaw allows an attacker with the ability to cause an API Server error to read the logs, and use the leaked OAuthToken to log into the API Server with the leaked token.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: All versions
Patches
Vulnerability mechanics
References
2- github.com/openshift/enhancements/pull/323mitrex_refsource_CONFIRM
- github.com/openshift/origin/blob/master/vendor/k8s.io/kubernetes/staging/src/k8s.io/apiserver/pkg/server/filters/wrap.gomitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.