Unrated severityNVD Advisory· Published Feb 7, 2020· Updated Aug 4, 2024
CVE-2020-1708
CVE-2020-1708
Description
It has been found in openshift-enterprise version 3.11 and all openshift-enterprise versions from 4.1 to, including 4.3, that multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. An attacker with access to the running container can exploit this to modify /etc/passwd to add a user and escalate their privileges. This CVE is specific to the openshift/mysql-apb.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 3.11, >=4.1 <=4.3
- Range: openshift-enterprise version 3.11
Patches
Vulnerability mechanics
References
4- access.redhat.com/errata/RHSA-2020:0617mitrevendor-advisoryx_refsource_REDHAT
- access.redhat.com/errata/RHSA-2020:0681mitrevendor-advisoryx_refsource_REDHAT
- access.redhat.com/errata/RHSA-2020:0694mitrevendor-advisoryx_refsource_REDHAT
- bugzilla.redhat.com/show_bug.cgimitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.