CVE-2016-1906: server: build config to a strategy that isn't allowed by policy

Severity: Critical

CVSS Score: 9.8

Openshift allows remote attackers to gain privileges by updating a build configuration that was created with an allowed type to a type that is not allowed.