Overview
- Description
- Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container network filesystems. An attacker could override the UserId and GroupId for GlusterFS and NFS to read and write any data on the network filesystem.
- Source
- secalert@redhat.com
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 7.1
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 5.4
- Impact score
- 6.4
- Exploitability score
- 5.5
- Vector string
- AV:A/AC:M/Au:N/C:P/I:P/A:P
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openshift:3.7:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2D9724B7-D99B-4376-B1B5-5CE5F336D767"
}
],
"operator": "OR"
}
]
}
]