CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7534

OpenShift Enterprise version 3.x is vulnerable to a stored XSS via the log viewer for pods. The flaw is due to lack of sanitation of user input, specifically terminal escape characters, and the creation of clickable links automatically when viewing the log files for a pod.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 38.9%

CVSS Severity

CVSS v3 Score 5.4

CVSS v2 Score 3.5

References

Products affected by CVE-2017-7534

Redhat » Openshift » Version: 3.0

cpe:2.3:a:redhat:openshift:3.0
Redhat » Openshift » Version: 3.1

cpe:2.3:a:redhat:openshift:3.1
Redhat » Openshift » Version: 3.2

cpe:2.3:a:redhat:openshift:3.2
Redhat » Openshift » Version: 3.3

cpe:2.3:a:redhat:openshift:3.3
Redhat » Openshift » Version: 3.4

cpe:2.3:a:redhat:openshift:3.4
Redhat » Openshift » Version: 3.5

cpe:2.3:a:redhat:openshift:3.5
Redhat » Openshift » Version: 3.6

cpe:2.3:a:redhat:openshift:3.6
Redhat » Openshift » Version: 3.7

cpe:2.3:a:redhat:openshift:3.7
Redhat » Openshift » Version: 3.9

cpe:2.3:a:redhat:openshift:3.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-7534

Products

Pricing

Contact Us