Security Advisory

CVE-2022-1677

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-09-01 19:51:43

Last updated 2024-08-03 00:10:03

Assigner redhat

State PUBLISHED

Description

In OpenShift Container Platform, a user with permissions to create or modify Routes can craft a payload that inserts a malformed entry into one of the cluster routers HAProxy configuration files. This malformed entry can match any arbitrary hostname, or all hostnames in the cluster, and direct traffic to an arbitrary application within the cluster, including one under attacker control.

← Browse all CVEs View on cve.org ↗