PT-2020-10143 · Red Hat · Openshift/Mariadb-Apb
Published
2020-04-02
·
Updated
2020-04-03
·
CVE-2019-19346
CVSS v3.1
7.0
High
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
openshift/mariadb-apb versions prior to 4.3.5
openshift/mariadb-apb versions prior to 4.2.21
openshift/mariadb-apb versions prior to 4.1.37
openshift/mariadb-apb versions prior to 3.11.188-4
Description
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
Recommendations
For versions prior to 4.3.5, update to version 4.3.5 or later.
For versions prior to 4.2.21, update to version 4.2.21 or later.
For versions prior to 4.1.37, update to version 4.1.37 or later.
For versions prior to 3.11.188-4, update to version 3.11.188-4 or later.
Fix
Incorrect Privilege Assignment
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Openshift/Mariadb-Apb