Published: 02/07/2018 Updated: 09/10/2019

CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 801

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Subscribe to Openshift Container Platform

source-to-image component of Openshift Container Platform prior to atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host which are normally only available to a root user.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat openshift container platform
redhat openshift container platform 3.9.31
redhat openshift container platform 3.9

Synopsis Important: OpenShift Container Platform 39 security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic Red Hat OpenShift Container Platform release 3931 is now available with updates to packages and images that address security issues, fix several bugs, and add enh ...

A privilege escalation flaw was found in the source-to-image component of Openshift Container Platform which allows the assemble script to run as the root user in a non-privileged container An attacker can use this flaw to open network connections, and possibly other actions, on the host which are normally only available to a root user ...

CWE-732 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10843 https://access.redhat.com/errata/RHSA-2018:2013 https://access.redhat.com/errata/RHSA-2018:2013 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2018-10843

CVE-2018-10843

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect