Описание
An insecure modification vulnerability in the /etc/passwd file was found in all versions of OpenShift ServiceMesh (maistra) before 1.0.8 in the openshift/istio-kialia-rhel7-operator-container. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
An insecure modification vulnerability in the /etc/passwd file was found in the openshift-service-mesh/kiali-rhel7-operator. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
Отчет
By default this vulnerability is not exploitable in un-privilieged containers running on OpenShift Container Platform. This is because the system call SETUID and SETGID is blocked by the default seccomp policy.
Дополнительная информация
Статус:
7 High
CVSS3
Связанные уязвимости
An insecure modification vulnerability in the /etc/passwd file was found in all versions of OpenShift ServiceMesh (maistra) before 1.0.8 in the openshift/istio-kialia-rhel7-operator-container. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
An insecure modification vulnerability in the /etc/passwd file was found in all versions of OpenShift ServiceMesh (maistra) before 1.0.8 in the openshift/istio-kialia-rhel7-operator-container. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
7 High
CVSS3