CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2020-1709 – openshift/mediawiki: /etc/passwd is given incorrect privileges
https://notcve.org/view.php?id=CVE-2020-1709
13 Mar 2020 — A vulnerability was found in all openshift/mediawiki 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the openshift/mediawiki. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. Se detectó una vulnerabilidad en todas las versiones de openshift/mediawiki 4.x.x anteriores a 4.3.0, donde se encontró una vulnerabilidad de modificación no segura en el archivo /etc/passwd en openshift/med... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1709 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.1EPSS: 0%CPEs: 8EXPL: 0CVE-2019-14887 – wildfly: The 'enabled-protocols' value in legacy security is not respected if OpenSSL security provider is in use
https://notcve.org/view.php?id=CVE-2019-14887
12 Mar 2020 — A flaw was found when an OpenSSL security provider is used with Wildfly, the 'enabled-protocols' value in the Wildfly configuration isn't honored. An attacker could target the traffic sent from Wildfly and downgrade the connection to a weaker version of TLS, potentially breaking the encryption. This could lead to a leak of the data being passed over the network. Wildfly version 7.2.0.GA, 7.2.3.GA and 7.2.5.CR2 are believed to be vulnerable. Se detectó un fallo cuando un proveedor de seguridad OpenSSL es usa... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14887 • CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2019-19355 – openshift/ocp-release-operator-sdk: /etc/passwd is given incorrect privileges
https://notcve.org/view.php?id=CVE-2019-19355
11 Mar 2020 — An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/ansible-operator-container as shipped in Openshift 4. Se detectó una vulnerabilidad de modificación no segura en el archivo /etc/passwd en el openshift/ocp-release-operator-sdk. Un atacante con acceso al contenedor podría usar este fallo para m... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19355 • CWE-266: Incorrect Privilege Assignment CWE-269: Improper Privilege Management •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0CVE-2020-1706 – openshift/apb-tools: /etc/passwd is given incorrect privileges
https://notcve.org/view.php?id=CVE-2020-1706
09 Mar 2020 — It has been found that in openshift-enterprise version 3.11 and openshift-enterprise versions 4.1 up to, including 4.3, multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. An attacker with access to the running container can exploit this to modify /etc/passwd to add a user and escalate their privileges. This CVE is specific to the openshift/apb-tools-container. Se ha encontrado que en openshift-enterprise versión 3.11 y openshift-enterprise versiones 4... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1706 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-8661 – envoy: Response flooding for HTTP/1.1
https://notcve.org/view.php?id=CVE-2020-8661
04 Mar 2020 — CNCF Envoy through 1.13.0 may consume excessive amounts of memory when responding internally to pipelined requests. CNCF Envoy versiones hasta 1.13.0, puede consumir cantidades excesivas de memoria cuando responde internamente a peticiones en tuberías "pipelined". A resource consumption vulnerability was found in the servicemesh-proxy in Envoy. An attacker could use pipelined requests to cause excessive amounts of memory to be used, possibly degrading or crashing the application. Red Hat OpenShift Service M... • https://access.redhat.com/errata/RHSA-2020:0734 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2020-8659 – envoy: Excessive CPU and/or memory usage when proxying HTTP/1.1
https://notcve.org/view.php?id=CVE-2020-8659
04 Mar 2020 — CNCF Envoy through 1.13.0 may consume excessive amounts of memory when proxying HTTP/1.1 requests or responses with many small (i.e. 1 byte) chunks. CNCF Envoy versiones hasta 1.13.0, puede consumir cantidades excesivas de memoria cuando se hace proxy a peticiones o respuestas HTTP/1.1 con muchos fragmentos pequeños (es decir, 1 byte). A resource consumption vulnerability was found in the servicemesh-proxy in Envoy. An attacker could send specially crafted small HTTP/1.1 packets that, when processed, could ... • https://access.redhat.com/errata/RHSA-2020:0734 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-1707 – openshift/postgresql-apb: /etc/passwd is given incorrect privileges
https://notcve.org/view.php?id=CVE-2020-1707
04 Mar 2020 — A vulnerability was found in all openshift/postgresql-apb 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the container openshift/postgresql-apb. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. Se encontró una vulnerabilidad en todas las versiones de openshift/postgresql-apb 4.x.x anteriores a 4.3.0, donde se encontró una vulnerabilidad de modificación no segura en el archivo /e... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1707 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0CVE-2019-19348 – openshift/apb-base: /etc/passwd is given incorrect privileges
https://notcve.org/view.php?id=CVE-2019-19348
04 Mar 2020 — An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/apb-base, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. Se detectó una vulnerabilidad de modificación no segura en el archivo /etc/passwd en el contenedor openshift/apb-base, que afecta a las versiones anteriores a las siguientes 4.3.5, 4.2.21, 4.1.37 y 3.11.188-4.... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19348 • CWE-266: Incorrect Privilege Assignment CWE-269: Improper Privilege Management •
CVSS: 7.0EPSS: 0%CPEs: 4EXPL: 0CVE-2019-19346 – openshift/mariadb-apb: /etc/passwd is given incorrect privileges
https://notcve.org/view.php?id=CVE-2019-19346
04 Mar 2020 — An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4 . An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. Se detectó una vulnerabilidad de modificación no segura en el archivo /etc/passwd en el contenedor openshift/mariadb-apb, que afecta a las versiones anteriores a las siguientes 4.3.5, 4.2.21, 4.1.37 y 3.11... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19346 • CWE-266: Incorrect Privilege Assignment CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-19345 – openshift/mediawiki-apb: /etc/passwd is given incorrect privileges
https://notcve.org/view.php?id=CVE-2019-19345
04 Mar 2020 — A vulnerability was found in all openshift/mediawiki-apb 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mediawiki-apb. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. Se detectó una vulnerabilidad en todas las versiones de openshift/mediawiki-apb 4.x.x anteriores a 4.3.0, donde se encontró una vulnerabilidad de modificación no segura en el archivo /etc/p... • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-19345 • CWE-266: Incorrect Privilege Assignment CWE-269: Improper Privilege Management •