Описание
A flaw was found in automationbroker/apb container in versions up to and including 2.0.4-1. This container grants all users sudoer permissions allowing an unauthorized user with access to the running container the ability to escalate their own privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Отчет
By default this vulnerability is not exploitable in un-privileged containers running on OpenShift Container Platform. This is because the system call SETUID and SETGID is blocked by the default seccomp policy. In OpenShift 4.4 the container openshift-enterprise-abp-tools has been removed and hence is not affected by this flaw.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat OpenShift Container Platform 3.11 | openshift3/apb-tools | Will not fix | ||
| Red Hat OpenShift Container Platform 4 | openshift4/apb-tools | Will not fix |
Показывать по
Дополнительная информация
Статус:
7 High
CVSS3
Связанные уязвимости
A flaw was found in automationbroker/apb container in versions up to and including 2.0.4-1. This container grants all users sudoer permissions allowing an unauthorized user with access to the running container the ability to escalate their own privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
A flaw was found in automationbroker/apb container in versions up to and including 2.0.4-1. This container grants all users sudoer permissions allowing an unauthorized user with access to the running container the ability to escalate their own privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
7 High
CVSS3