Vulnerability Details CVE-2018-1070
routing before version 3.10 is vulnerable to an improper input validation of the Openshift Routing configuration which can cause an entire shard to be brought down. A malicious user can use this vulnerability to cause a Denial of Service attack for other users of the router shard.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.7%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 5.0
References
Products affected by CVE-2018-1070
-
cpe:2.3:a:redhat:openshift_container_platform:-
-
cpe:2.3:a:redhat:openshift_container_platform:2.0
-
cpe:2.3:a:redhat:openshift_container_platform:2.1
-
cpe:2.3:a:redhat:openshift_container_platform:2.2
-
cpe:2.3:a:redhat:openshift_container_platform:3.0
-
cpe:2.3:a:redhat:openshift_container_platform:3.1
-
cpe:2.3:a:redhat:openshift_container_platform:3.2
-
cpe:2.3:a:redhat:openshift_container_platform:3.3
-
cpe:2.3:a:redhat:openshift_container_platform:3.4
-
cpe:2.3:a:redhat:openshift_container_platform:3.5
-
cpe:2.3:a:redhat:openshift_container_platform:3.6
-
cpe:2.3:a:redhat:openshift_container_platform:3.7
-
cpe:2.3:a:redhat:openshift_container_platform:3.7.14
-
cpe:2.3:a:redhat:openshift_container_platform:3.7.23
-
cpe:2.3:a:redhat:openshift_container_platform:3.7.42-2
-
cpe:2.3:a:redhat:openshift_container_platform:3.7.44
-
cpe:2.3:a:redhat:openshift_container_platform:3.7.46
-
cpe:2.3:a:redhat:openshift_container_platform:3.7.52
-
cpe:2.3:a:redhat:openshift_container_platform:3.7.53
-
cpe:2.3:a:redhat:openshift_container_platform:3.7.54
-
cpe:2.3:a:redhat:openshift_container_platform:3.7.57
-
cpe:2.3:a:redhat:openshift_container_platform:3.7.61
-
cpe:2.3:a:redhat:openshift_container_platform:3.8
-
cpe:2.3:a:redhat:openshift_container_platform:3.9
-
cpe:2.3:a:redhat:openshift_container_platform:3.9.31