CVE-2018-10843
source-to-image: Builder images with assembler-user LABEL set to root allows attackers to execute arbitrary code
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host which are normally only available to a root user.
El componente source-to-image de Openshift Container Platform en versiones anteriores a atomic-openshift 3.7.53 y atomic-openshift 3.9.31 es vulnerable a un escalado de privilegios que permite que el script assemble se ejecute como usuario root en un contenedor no privilegiado. Un atacante puede usar este fallo para abrir conexiones de red y posiblemente otras acciones en el host que normalmente está disponible solo para un usuario root.
A privilege escalation flaw was found in the source-to-image component of Openshift Container Platform which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host which are normally only available to a root user.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-05-09 CVE Reserved
- 2018-06-27 CVE Published
- 2023-07-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-732: Incorrect Permission Assignment for Critical Resource
CAPEC
References (4)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://access.redhat.com/errata/RHSA-2018:2013 | 2019-10-09 | |
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10843 | 2019-10-09 | |
https://access.redhat.com/security/cve/CVE-2018-10843 | 2018-06-27 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1579096 | 2018-06-27 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Redhat Search vendor "Redhat" | Openshift Container Platform Search vendor "Redhat" for product "Openshift Container Platform" | < 3.7.53 Search vendor "Redhat" for product "Openshift Container Platform" and version " < 3.7.53" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Openshift Container Platform Search vendor "Redhat" for product "Openshift Container Platform" | 3.9 Search vendor "Redhat" for product "Openshift Container Platform" and version "3.9" | - |
Affected
| ||||||
Redhat Search vendor "Redhat" | Openshift Container Platform Search vendor "Redhat" for product "Openshift Container Platform" | 3.9.31 Search vendor "Redhat" for product "Openshift Container Platform" and version "3.9.31" | - |
Affected
|