← volver
CVE-2022-1677

CVE-2022-1677

EPSS 0.5%CWE-400
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
01 sep 2022Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
In OpenShift Container Platform, a user with permissions to create or modify Routes can craft a payload that inserts a malformed entry into one of the cluster router's HAProxy configuration files. This malformed entry can match any arbitrary hostname, or all hostnames in the cluster, and direct traffic to an arbitrary application within the cluster, including one under attacker control.
Productos afectados
n/a · Openshift