Security Advisory

CVE-2022-1632

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-09-01 00:00:00

Last updated 2024-08-03 00:10:03

Assigner redhat

State PUBLISHED

Description

An Improper Certificate Validation attack was found in Openshift. A re-encrypt Route with destinationCACertificate explicitly set to the default serviceCA skips internal Service TLS certificate validation. This flaw allows an attacker to exploit an invalid certificate, resulting in a loss of confidentiality.

← Browse all CVEs View on cve.org ↗