Unsecured Management Interface in Red Hat Single Sign-On for OpenShift Container Images Allows Code Deployment and Information Access

CVE-2022-4039 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A flaw was found in Red Hat Single Sign-On for OpenShift container images, which are configured with an unsecured management interface enabled. This flaw allows an attacker to use this interface to deploy malicious code, and to access and modify potentially sensitive information in the app server configuration.
