Kubernetes/OpenShift Enterprise 3 X.509 Certificate Validation Bypass Vulnerability

Kubernetes/OpenShift Enterprise 3 X.509 Certificate Validation Bypass Vulnerability

CVE-2016-7075 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate.

Learn more about our Cis Benchmark Audit For Kubernetes.