A credentials leak was found in the OpenShift Container Platform. The private key for the external cluster certificate was incorrectly stored in the oauth-serving-cert ConfigMaps, and accessible to any authenticated OpenShift user or service-account. A malicious user could exploit this by reading the oauth-serving-cert ConfigMap in either the openshift-config-managed or openshift-console namespaces, to access private keys used to encrypt all web traffic.Read More