CVE-2019-3884
3.6
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
Summary
A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able spoof the UUID of a valid object from another namespace is able to delete children of those objects. Versions 3.6, 3.7, 3.8, 3.9, 3.10, 3.11 and 4.1 are affected.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Red Hat | atomic-openshift | 3.6, 3.7, 3.8, 3.9, 3.10, 3.11, 4.1 | affected |
Weaknesses
- CWE-290: CWE-290
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.