CVE-2020-1704
7
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
An insecure modification vulnerability in the /etc/passwd file was found in all versions of OpenShift ServiceMesh (maistra) before 1.0.8 in the openshift/istio-kialia-rhel7-operator-container. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Red Hat | openshift-service-mesh/kiali-rhel7-operator | All maistra versions before 1.0.8 | affected |
Weaknesses
- CWE-266: CWE-266
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.