World-readable permissions on /etc/origin/master/master-config.yaml expose Active Directory credentials in Red Hat OpenShift Enterprise 3.1
CVE-2016-2142 · LOW Severity
AV:L/AC:L/AU:N/C:P/I:N/A:N
Red Hat OpenShift Enterprise 3.1 uses world-readable permissions on the /etc/origin/master/master-config.yaml configuration file, which allows local users to obtain Active Directory credentials by reading the file.
Learn more about our User Device Pen Test.