admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-12 02:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

version added to description

Browse Source
This commit is contained in:
mrehak@redhat.com 2020-01-27 09:47:18 +01:00
parent ba40c02659
commit cee7e88293
No known key found for this signature in database
GPG Key ID: 61C2AB3CDC29106F
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2020/1xxx/CVE-2020-1706.json
View File

@ -57,7 +57,7 @@
"description_data": [
{
"lang": "eng",
"value": "It has been found that multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. An attacker with access to the running container can exploit this to modify /etc/passwd to add a user and escalate their privileges. This CVE is specific to the openshift/apb-tools-container."
"value": "It has been found that in openshift-enterprise version 3.11 and all openshift-enterprise version from 4.1 to, including 4.3, multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. An attacker with access to the running container can exploit this to modify /etc/passwd to add a user and escalate their privileges. This CVE is specific to the openshift/apb-tools-container."
}
]
},