CVE-2018-1069

Summary

Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container network filesystems. An attacker could override the UserId and GroupId for GlusterFS and NFS to read and write any data on the network filesystem.

Affected Software

VendorProductVersion RangeStatus
Red Hat, Inc.OpenShift Enterprise3.7affected

Weaknesses

  • CWE-284: CWE-284 (Improper Access Control)

ADP Enrichment

CVE Program Container

Additional References

References