Overview
- Description
- A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able spoof the UUID of a valid object from another namespace is able to delete children of those objects. Versions 3.6, 3.7, 3.8, 3.9, 3.10, 3.11 and 4.1 are affected.
- Source
- secalert@redhat.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 5.4
- Impact score
- 2.5
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
- Severity
- MEDIUM
CVSS 3.0
- Type
- Secondary
- Base score
- 3.6
- Impact score
- 2.5
- Exploitability score
- 1
- Vector string
- CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
- Severity
- LOW
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:P/A:N
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openshift:3.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A52F7AE1-754D-4EE1-8EC1-7765292B4C2D"
},
{
"criteria": "cpe:2.3:a:redhat:openshift:3.7:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "55349BC5-90EC-4954-8CEB-3C37D34742C4"
},
{
"criteria": "cpe:2.3:a:redhat:openshift:3.8:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2AA943DD-23CD-48FD-A33B-9E4DC7AE9D80"
},
{
"criteria": "cpe:2.3:a:redhat:openshift:3.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "28C5BBDA-B4F3-40A2-9F0A-75CF4C276769"
},
{
"criteria": "cpe:2.3:a:redhat:openshift:3.10:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6684D268-7B46-4672-8C9B-8719F2DC701F"
},
{
"criteria": "cpe:2.3:a:redhat:openshift:3.11:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "64797939-6676-40DC-A81A-3FD0C45A8047"
},
{
"criteria": "cpe:2.3:a:redhat:openshift:4.1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C19A2957-C915-4376-A4B5-87F4039BFD93"
}
],
"operator": "OR"
}
]
}
]