Guest-oslogin Security Vulnerabilities and Issues — Guest-oslogin CVE List

Lucene search

GoogleGuest-oslogin

3 matches found

CVE•added 2020/06/22 2:15 p.m.•161 views

CVE-2020-8933

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and filesystems. Within an...

9.3CVSS7.6AI score0.00078EPSS

CVE•added 2020/06/22 2:15 p.m.•153 views

CVE-2020-8903

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from the ...

7.8CVSS7.4AI score0.00226EPSS

CVE•added 2020/06/22 2:15 p.m.•149 views

CVE-2020-8907

A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to run docker and moun...

9.3CVSS7.6AI score0.00092EPSS