CVE-2020-1708

Name of the Vulnerable Software and Affected Versions openshift-enterprise versions 3.11 through 4.3

Description A security issue has been identified where multiple containers in openshift-enterprise modify the permissions of /etc/passwd, allowing users other than root to modify it. An attacker with access to the running container can exploit this to add a user and escalate their privileges.

Recommendations For openshift-enterprise versions 3.11 through 4.3, consider restricting access to the containers that modify the /etc/passwd file until a fix is available. As a temporary workaround, restrict modifications to the /etc/passwd file to prevent privilege escalation. Avoid using the affected containers in openshift-enterprise until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.