OpenShift Enterprise Cluster-Read Vulnerability: Unauthorized Access to Webhook Tokens

OpenShift Enterprise Cluster-Read Vulnerability: Unauthorized Access to Webhook Tokens

CVE-2017-15138 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

The OpenShift Enterprise cluster-read can access webhook tokens which would allow an attacker with sufficient privileges to view confidential webhook tokens.

Learn more about our Web App Pen Testing.