CVE-2020-1705

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 21-01-2020 01:00

Last modified: - 21-01-2020 01:00

Total changes: - 17

Description

CVE-2020-1705 openshift/template-service-broker-operator: /etc/passwd is given incorrect privileges

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

High

Attack complexity

Local

Attack vector

High

Availability

High

Confidentiality

High

Integrity

Low

Privileges required

Unchanged

Scope

None

User interaction

7.0

Base score

Exploitability score

Impact score

Verification logic

OR

AND

product=openshift4/apb-base AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/mariadb-apb AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/mediawiki AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/mediawiki-apb AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/mysql-apb AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-ansible-operator AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-cluster-capacity AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-cluster-logging-operator AND versionEndExcluding=v4.2.27-202003310105

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-cluster-nfd-operator AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-csi-external-attacher AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-csi-external-provisioner-rhel7 AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-csi-livenessprobe AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-descheduler AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-descheduler-operator AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-efs-provisioner-rhel7 AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-egress-dns-proxy AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-egress-http-proxy AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-egress-router AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-elasticsearch-operator AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-ghostunnel AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-jenkins-agent-base AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-local-storage-diskmaker AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-local-storage-operator AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-logging-curator5 AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-logging-eventrouter AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-logging-fluentd AND versionEndExcluding=v4.2.27-202003310105

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-metering-ansible-operator AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-metering-hadoop AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-metering-hive AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-metering-presto AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-metering-reporting-operator AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-node-feature-discovery AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-sriov-cni AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-sriov-dp-admission-controller AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-sriov-network-config-daemon AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-sriov-network-device-plugin AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-sriov-network-operator AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/postgres-apb AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/postgresql-apb AND versionEndExcluding=v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift-enterprise-apb-tools-container-v4.2.27-202003301126

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.2

AND

product=openshift4/ose-template-service-broker-operator AND versionEndExcluding=v4.3.7-202003161611

vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3

Reference

Keywords

REDHAT

CVE-2020-1705

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.