CVE-2018-1069

See a problem?
Source
https://nvd.nist.gov/vuln/detail/CVE-2018-1069
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1069.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-1069
Published
2018-03-09T14:29:00Z
Modified
2024-09-03T02:06:35.437920Z
Severity
  • 7.1 (High) CVSS_V3 - CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container network filesystems. An attacker could override the UserId and GroupId for GlusterFS and NFS to read and write any data on the network filesystem.

References

Affected packages

Git / github.com/openshift/origin

Affected ranges

Type
GIT
Repo
https://github.com/openshift/origin
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

v1.*

v1.0.0
v1.0.1
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.0.7
v1.0.8
v1.1
v1.1.1
v1.1.2
v1.1.3
v1.1.4
v1.1.5
v1.1.6
v1.2.0
v1.2.0-rc1
v1.2.0-rc2
v1.3.0
v1.3.0-alpha.0
v1.3.0-alpha.1
v1.3.0-alpha.2
v1.3.0-alpha.3
v1.3.0-rc1
v1.4.0-alpha.0
v1.4.0-alpha.1
v1.5.0-alpha.0
v1.5.0-alpha.1
v1.5.0-alpha.2
v1.5.0-alpha.3

v3.*

v3.6.0-alpha.0
v3.6.0-alpha.1
v3.6.0-alpha.2
v3.6.0-rc.0
v3.7.0
v3.7.0-alpha.0
v3.7.0-alpha.1
v3.7.0-rc.0