Lucene search
+L

1194 matches found

cnvd
cnvd
added 2020/06/23 12:0 a.m.3 views

Google Cloud Platform guest-oslogin elevation of privilege vulnerability

Google Cloud Platform is a cloud computing platform that provides cloud computing, data storage, data analytics and machine learning services. guest-oslogin is one of the operating system login components. A security vulnerability exists in guest-oslogin versions 20190304 through 20200507 in Goog...

9.3CVSS6.7AI score0.00353EPSS
Exploits1References1
cnvd
cnvd
added 2020/06/23 12:0 a.m.3 views

Google Cloud Platform guest-oslogin elevation of privilege vulnerability (CNVD-2020-60515)

Google Cloud Platform is a cloud computing platform that provides cloud computing, data storage, data analytics and machine learning services. guest-oslogin is one of the operating system login components. A security vulnerability exists in guest-oslogin versions 20190304 through 20200507 in Goog...

7.8CVSS6.7AI score0.00315EPSS
Exploits1References1
osv
osv
added 2020/06/22 2:15 p.m.16 views

CVE-2020-8903

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from th...

7.8CVSS6.5AI score
Exploits0References5
nvd
nvd
added 2020/06/22 2:15 p.m.24 views

CVE-2020-8907

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to run docker and...

9.3CVSS0.00309EPSS
Exploits1References5
nvd
nvd
added 2020/06/22 2:15 p.m.27 views

CVE-2020-8903

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from th...

7.8CVSS0.00315EPSS
Exploits1References5
nvd
nvd
added 2020/06/22 2:15 p.m.20 views

CVE-2020-8933

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and filesystems. Within ...

9.3CVSS0.00353EPSS
Exploits1References5
osv
osv
added 2020/06/22 2:15 p.m.18 views

CVE-2020-8933

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and filesystems. Within ...

7.8CVSS7AI score
Exploits0References5
osv
osv
added 2020/06/22 2:15 p.m.17 views

CVE-2020-8907

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to run docker and...

7.8CVSS6.9AI score
Exploits0References5
prion
prion
added 2020/06/22 2:15 p.m.15 views

Design/Logic Flaw

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from th...

6.9CVSS7.5AI score0.00315EPSS
Exploits1References5Affected Software2
osv
osv
added 2020/06/22 2:15 p.m.5 views

UBUNTU-CVE-2020-8903

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from th...

7.8CVSS5.9AI score0.00315EPSS
Exploits1References5
prion
prion
added 2020/06/22 2:15 p.m.18 views

Design/Logic Flaw

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and filesystems. Within ...

6.9CVSS7.7AI score0.00353EPSS
Exploits1References5Affected Software2
prion
prion
added 2020/06/22 2:15 p.m.18 views

Design/Logic Flaw

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to run docker and...

6.9CVSS7.7AI score0.00309EPSS
Exploits1References5Affected Software2
ubuntucve
ubuntucve
added 2020/06/22 2:15 p.m.24 views

CVE-2020-8903

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from th...

7.8CVSS7.2AI score0.00315EPSS
Exploits1References4
ubuntucve
ubuntucve
added 2020/06/22 2:15 p.m.27 views

CVE-2020-8907

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to run docker and...

9.3CVSS7.1AI score0.00309EPSS
Exploits1References4
ubuntucve
ubuntucve
added 2020/06/22 2:15 p.m.27 views

CVE-2020-8933

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and filesystems. Within ...

9.3CVSS7.1AI score0.00353EPSS
Exploits1References4
vulnrichment
vulnrichment
added 2020/06/22 1:45 p.m.14 views

CVE-2020-8933 Priviged Escalation in Google Cloud Platform's Guest-OSLogin

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and filesystems. Within ...

9.3CVSS7AI score0.00353EPSS
Exploits1References5
cvelist
cvelist
added 2020/06/22 1:45 p.m.26 views

CVE-2020-8933 Priviged Escalation in Google Cloud Platform's Guest-OSLogin

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and filesystems. Within ...

9.3CVSS7.7AI score0.00353EPSS
Exploits1References5
debiancve
debiancve
added 2020/06/22 1:45 p.m.57 views

CVE-2020-8933

Removed by vendor...

9.3CVSS7.6AI score0.00353EPSS
Exploits1
cve
cve
added 2020/06/22 1:45 p.m.181 views

CVE-2020-8933

CVE-2020-8933 affects Google Cloud Platform’s guest-oslogin (versions 20190304–20200507). The flaw lets a user with roles/compute.osLogin escalate to root by abusing the lxd group to attach host devices/filesystems and modify /etc/sudoers within an lxc container; images created after 2020-05-07 a...

9.3CVSS7.6AI score0.00353EPSS
Exploits1References5Affected Software1
cvelist
cvelist
added 2020/06/22 1:45 p.m.26 views

CVE-2020-8907 Priviged Escalation in Google Cloud Platform's Guest-OSLogin

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to run docker and...

9.3CVSS7.7AI score0.00309EPSS
Exploits1References5
Rows per page
Query Builder