CVE-2019-3818

The kube-rbac-proxy container before version 0.4.1 as used in Red Hat OpenShift Container Platform does not honor TLS configurations, allowing for use of insecure ciphers and TLS 1.0. An attacker could target traffic sent over a TLS connection with a weak configuration and potentially break the encryption.

Published: Feb 5, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-3818
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-327

OWASP TOP 10:

A3 - Sensitive Data Exposure

Affected Software
References

Software	From	Fixed in
redhat / openshift_container_platform	3.11	3.11.x
kube-rbac-proxy_project / kube-rbac-proxy	-	0.4.1

http://www.securityfocus.com/bid/106744
https://access.redhat.com/errata/RHBA-2019:0327
https://access.redhat.com/security/cve/CVE-2019-3818
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3818

Vulnerability Database

289,599

CVE-2019-3818