mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
69 lines
2.2 KiB
JSON
69 lines
2.2 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2018-1069",
|
|
"ASSIGNER": "secalert@redhat.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container network filesystems. An attacker could override the UserId and GroupId for GlusterFS and NFS to read and write any data on the network filesystem."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-284 (Improper Access Control)",
|
|
"cweId": "CWE-284"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "Red Hat, Inc.",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "OpenShift Enterprise",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "3.7"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/103364",
|
|
"refsource": "MISC",
|
|
"name": "http://www.securityfocus.com/bid/103364"
|
|
},
|
|
{
|
|
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1552987",
|
|
"refsource": "MISC",
|
|
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1552987"
|
|
}
|
|
]
|
|
}
|
|
} |