admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-merge PR#2849

Browse Source 
Auto-merge PR#2849
This commit is contained in:
CVE Team 2020-01-07 12:05:15 -05:00 committed by GitHub
commit d0d4015be9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 79 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
2019/14xxx/CVE-2019-14819.json Normal file
View File

@ -0,0 +1,79 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-14819",
"ASSIGNER": "msiddiqu@redhat.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "[Red Hat]",
"product": {
"product_data": [
{
"product_name": "openshift-ansible",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-266"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-270"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14819",
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14819",
"refsource": "CONFIRM"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster. Using CRI-O, the dockergc service account is assigned to the current namespace of the user performing the upgrade. This flaw can allow an unprivileged user to escalate their privileges to those allowed by the privileged Security Context Constraints."
}
]
},
"impact": {
"cvss": [
[
{
"vectorString": "7.5/CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
]
]
}
}