4 matches found
CVE-2020-1706
It has been found that in openshift-enterprise version 3.11 and openshift-enterprise versions 4.1 up to, including 4.3, multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. An attacker with access to the running container can exploit this to...
CVE-2020-1706
It has been found that in openshift-enterprise version 3.11 and openshift-enterprise versions 4.1 up to, including 4.3, multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. An attacker with access to the running container can exploit this to...
CVE-2020-1706
CVE-2020-1706 affects the OpenShift appliance component openshift-apb-tools-container used in OpenShift Enterprise 3.11 and 4.1–4.3. A container can alter file permissions on /etc/passwd to make it modifiable by non-root users, enabling an attacker with container access to add a user and escalate...
CVE-2020-1706
An insecure modification vulnerability in the /etc/passwd file was found in the openshift/apb-tools. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges...