Описание
An insecure modification flaw in the /etc/passwd file was found in the redhat-sso-7 container. An attacker with access to the container can use this flaw to modify the /etc/passwd and escalate their privileges.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Single Sign-On 7 | redhat-sso-7-openshift-containers | Affected | ||
| RHEL-8 based Middleware Containers | rh-sso-7/sso74-openshift-rhel8 | Fixed | RHSA-2020:5529 | 15.12.2020 |
| Text-Only RHSSO | redhat-sso-7-openshift-containers | Fixed | RHSA-2020:5533 | 15.12.2020 |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-266
https://bugzilla.redhat.com/show_bug.cgi?id=1817530containers/redhat-sso-7: /etc/passwd is given incorrect privileges
7 High
CVSS3
Связанные уязвимости
CVSS3: 7.8
nvd
больше 4 лет назад
An insecure modification flaw in the /etc/passwd file was found in the redhat-sso-7 container. An attacker with access to the container can use this flaw to modify the /etc/passwd and escalate their privileges.
CVSS3: 7.8
debian
больше 4 лет назад
An insecure modification flaw in the /etc/passwd file was found in the ...
github
больше 3 лет назад
An insecure modification flaw in the /etc/passwd file was found in the redhat-sso-7 container. An attacker with access to the container can use this flaw to modify the /etc/passwd and escalate their privileges.
7 High
CVSS3