Privilege Escalation via STI Builds in Red Hat OpenShift Enterprise 3.2

Privilege Escalation via STI Builds in Red Hat OpenShift Enterprise 3.2

CVE-2016-3738 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Red Hat OpenShift Enterprise 3.2 does not properly restrict access to STI builds, which allows remote authenticated users to access the Docker socket and gain privileges via vectors related to build-pod.

Learn more about our Cis Benchmark Audit For Docker.