VDB

RHSA-2020%3A3727

RHSA-2020%3A3727 PUBLISHED CVSS 3.0999999046325684 LOW

It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests. This flaw allows an attacker to trick a user into performing arbitrary actions in OCP's distribution of Kibana, such as clickjacking.

Risk Scores

CVSS 3.1
3.0999999046325684
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

Affected Products

VendorProductVersions
Red Hatopenshift3/ose-docker-registry@sha256:e01939c1a1721db529b079dc80d0db7432adc96bb71678817dc688d927a9d4d7_ppc64le as a component of Red Hat OpenShift Container Platform 3.11*, openshift3/ose-docker-registry@sha256:e01939c1a1721db529b079dc80d0db7432adc96bb71678817dc688d927a9d4d7_ppc64le
Red Hatopenshift3/ose-docker-registry@sha256:e01939c1a1721db529b079dc80d0db7432adc96bb71678817dc688d927a9d4d7_ppc64le as a component of Red Hat OpenShift Container Platform 3.11openshift3/ose-docker-registry@sha256:e01939c1a1721db529b079dc80d0db7432adc96bb71678817dc688d927a9d4d7_ppc64le
Red Hatopenshift3/ose-logging-kibana5@sha256:db7cd31fd03986589b2e3e618aee85edc2383f56a9ee47c175e858f99d641f78_amd64 as a component of Red Hat OpenShift Container Platform 3.11*
Red Hatopenshift3/ose-logging-kibana5@sha256:db7cd31fd03986589b2e3e618aee85edc2383f56a9ee47c175e858f99d641f78_amd64
Red Hatopenshift3/ose-logging-kibana5@sha256:65924e84fff7fc4ace75f00b823f3412af4936066a641849aa4b3c845b25c698_ppc64le as a component of Red Hat OpenShift Container Platform 3.11*, *
Red Hatopenshift3/ose-docker-registry@sha256:2b58d801f83a732b121c74eedee3849c2137a1a534f5737483652b25f1fc66ec_amd64 as a component of Red Hat OpenShift Container Platform 3.11openshift3/ose-docker-registry@sha256:2b58d801f83a732b121c74eedee3849c2137a1a534f5737483652b25f1fc66ec_amd64
Red Hatopenshift3/ose-logging-kibana5@sha256:65924e84fff7fc4ace75f00b823f3412af4936066a641849aa4b3c845b25c698_ppc64le as a component of Red Hat OpenShift Container Platform 3.11openshift3/ose-logging-kibana5@sha256:65924e84fff7fc4ace75f00b823f3412af4936066a641849aa4b3c845b25c698_ppc64le
Red Hatopenshift3/ose-docker-registry@sha256:2b58d801f83a732b121c74eedee3849c2137a1a534f5737483652b25f1fc66ec_amd64 as a component of Red Hat OpenShift Container Platform 3.11*, openshift3/ose-docker-registry@sha256:2b58d801f83a732b121c74eedee3849c2137a1a534f5737483652b25f1fc66ec_amd64
Red Hatopenshift3/ose-logging-kibana5@sha256:db7cd31fd03986589b2e3e618aee85edc2383f56a9ee47c175e858f99d641f78_amd64 as a component of Red Hat OpenShift Container Platform 3.11openshift3/ose-logging-kibana5@sha256:db7cd31fd03986589b2e3e618aee85edc2383f56a9ee47c175e858f99d641f78_amd64, *

Timeline

  • Sep 16, 2020 CVE Published
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Distribution Patch
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • Apr 25, 2026 Security Advisory
  • May 4, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›