Global infos:

A flaw was found in OpenShift Container Platform where OAuth tokens are not encrypted when the encryption of data at rest is enabled. This flaw allows an attacker with access to a backup to obtain OAuth tokens and then use them to log into the cluster as any user who logged into the cluster via the WebUI or via the command line in the last 24 hours. Once the backup is older than 24 hours the OAuth tokens are no longer valid.

CVE Status: Modified

References:

[email protected]

af854a3a-2127-422b-91ae-364da2661108

Metrics:

Attribute	Value
Attack Complexity	HIGH
Attack Vector	PHYSICAL
Availability Impact	HIGH
Base Score	6.3
Base Severity	MEDIUM
Confidentiality Impact	HIGH
Integrity Impact	HIGH
Privileges Required	LOW
Scope	UNCHANGED
User Interaction	NONE
Vector String	CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability Score	0.4
Impact Score	5.9
Source	[email protected]
Type	Secondary

Links:

Exploit-db
Github