Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-19346

Опубликовано: 02 апр. 2020
Источник: nvd
CVSS3: 7
CVSS2: 4.4
EPSS Низкий

Описание

An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4 . An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:redhat:openshift:*:*:*:*:*:*:*:*
Версия до 3.11.188-4 (исключая)
cpe:2.3:a:redhat:openshift:*:*:*:*:*:*:*:*
Версия от 4.0.0 (включая) до 4.1.37 (исключая)
cpe:2.3:a:redhat:openshift:*:*:*:*:*:*:*:*
Версия от 4.2.0 (включая) до 4.2.21 (исключая)
cpe:2.3:a:redhat:openshift:*:*:*:*:*:*:*:*
Версия от 4.3.0 (включая) до 4.3.5 (исключая)

EPSS

Процентиль: 12%
0.00041
Низкий

7 High

CVSS3

4.4 Medium

CVSS2

Дефекты

CWE-266
CWE-269

Связанные уязвимости

redhat логотип

CVE-2019-19346

CVSS3: 7
redhat
около 6 лет назад

An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4 . An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.

github логотип

GHSA-983g-8wfp-4rwm

github
больше 3 лет назад

An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4 . An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.

EPSS

Процентиль: 12%
0.00041
Низкий

7 High

CVSS3

4.4 Medium

CVSS2

Дефекты

CWE-266
CWE-269