What is CVE-2013-0164?

CVE-2013-0164 is a vulnerability in Redhat Openshift, classified under CWE-264. Published 2013-02-24.

Is CVE-2013-0164 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Redhat Openshift

CVE-2013-0164

The lockwrap function in port-proxy/bin/openshift-port-proxy-cfg in Red Hat OpenShift Origin before 1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary file with a predictable name in /tmp.

EPSS: 0.001 (17.9th percentile) — read the EPSS interpretation.

Affected products

Redhat Openshift
Redhat Openshift_origin — versions 1.0.5
N/a — versions n/a

Weakness classification (CWE)

CWE-264

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

secalert@redhat.com (x_refsource_CONFIRM)
RHSA-2013:0220 (x_refsource_REDHAT, vendor-advisory)
secalert@redhat.com (x_refsource_CONFIRM)
secalert@redhat.com (x_refsource_MISC)

Frequently asked questions

What is CVE-2013-0164?: CVE-2013-0164 is a vulnerability in Redhat Openshift, classified under CWE-264. Published 2013-02-24.
Is CVE-2013-0164 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.