Published: 18/03/2020 Updated: 12/02/2023

CVSS v2 Base Score: 4.4 | Impact Score: 6.4 | Exploitability Score: 3.4

CVSS v3 Base Score: 7 | Impact Score: 5.9 | Exploitability Score: 1

VMScore: 392

Vector: AV:L/AC:M/Au:N/C:P/I:P/A:P

An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/ansible-operator-container as shipped in Openshift 4.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat openshift 4.0

Synopsis Moderate: OpenShift Container Platform 4141 openshift-enterprise-ansible-operator-container security update Type/Severity Security Advisory: Moderate Topic An update for openshift-enterprise-ansible-operator-container is now available for Red Hat OpenShift Container Platform 41Red Hat Product S ...

Synopsis Moderate: OpenShift Container Platform 435 openshift-enterprise-ansible-operator-container security update Type/Severity Security Advisory: Moderate Topic An update for openshift-enterprise-ansible-operator-container is now available for Red Hat OpenShift Container Platform 43Red Hat Product Se ...

Synopsis Moderate: OpenShift Container Platform 42z openshift-enterprise-ansible-operator-container security update Type/Severity Security Advisory: Moderate Topic An update for openshift-enterprise-ansible-operator-container is now available for Red Hat OpenShift Container Platform 42Red Hat Product Se ...

CWE-266 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19355 https://nvd.nist.gov https://access.redhat.com/errata/RHSA-2020:1545

CVE-2019-19355

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect