Описание
An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ansible-service-broker as shipped in Red Hat Openshift 4 and 3.11. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ansible-service-broker. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
Отчет
By default this vulnerability is not exploitable in un-privilieged containers running on OpenShift Container Platform. This is because the system call SETUID and SETGID is blocked by the default seccomp policy.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift Container Platform 3.11 | openshift3/ose-ansible-service-broker | Will not fix | ||
| Red Hat OpenShift Container Platform 4 | openshift-enterprise-ansible-service-broker-operator-container | Will not fix | ||
| Red Hat OpenShift Container Platform 4 | openshift-enterprise-asb-container | Will not fix |
Показывать по
Дополнительная информация
Статус:
7 High
CVSS3
Связанные уязвимости
An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ansible-service-broker as shipped in Red Hat Openshift 4 and 3.11. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ansible-service-broker as shipped in Red Hat Openshift 4 and 3.11. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
7 High
CVSS3