CVE-2020-9283
Published at:
-
21-02-2020 01:00
Last modified:
-
21-02-2020 01:00
Total changes:
-
183
Description
Common Vulnerability Scoring System (CVSS)
LowAttack complexity
NetworkAttack vector
HighAvailability
NoneConfidentiality
NoneIntegrity
NonePrivileges required
Unchanged
Scope
NoneUser interaction
7.5
Base score
Exploitability score
Impact score
Verification logic
OR
AND
product=3scale-amp2/3scale-rhel7-operator AND versionEndExcluding=1.13.0-17
vendor=Red Hat Enterprise Linux AND product=3scale_amp AND version=2.10
AND
product=3scale-amp2/3scale-rhel7-operator-metadata AND versionEndExcluding=2.10.0-38
vendor=Red Hat Enterprise Linux AND product=3scale_amp AND version=2.10
AND
product=3scale-amp2/apicast-rhel7-operator AND versionEndExcluding=1.13.0-4
vendor=Red Hat Enterprise Linux AND product=3scale_amp AND version=2.10
AND
product=3scale-amp2/apicast-rhel7-operator-metadata AND versionEndExcluding=2.10.0-9
vendor=Red Hat Enterprise Linux AND product=3scale_amp AND version=2.10
AND
product=kiali-0 AND versionEndExcluding=v1.12.10.redhat2-1.el7
vendor=Red Hat Enterprise Linux AND product=service_mesh AND version=1.1
AND
product=ior-0 AND versionEndExcluding=1.1.6-1.el8
vendor=Red Hat Enterprise Linux AND product=service_mesh AND version=1.1
AND
product=servicemesh-0 AND versionEndExcluding=1.1.6-1.el8
vendor=Red Hat Enterprise Linux AND product=service_mesh AND version=1.1
AND
product=servicemesh-cni-0 AND versionEndExcluding=1.1.6-1.el8
vendor=Red Hat Enterprise Linux AND product=service_mesh AND version=1.1
AND
product=servicemesh-grafana-0 AND versionEndExcluding=6.4.3-13.el8
vendor=Red Hat Enterprise Linux AND product=service_mesh AND version=1.1
AND
product=servicemesh-operator-0 AND versionEndExcluding=1.1.6-2.el8
vendor=Red Hat Enterprise Linux AND product=service_mesh AND version=1.1
AND
product=servicemesh-prometheus-0 AND versionEndExcluding=2.14.0-14.el8
vendor=Red Hat Enterprise Linux AND product=service_mesh AND version=1.1
AND
product=atomic-openshift-cluster-autoscaler-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=baremetal-machine-controller-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=cluster-monitoring-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=cluster-network-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=cluster-node-tuning-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=cluster-version-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=configmap-reload-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=coredns-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=golang-github-openshift-oauth-proxy-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=golang-github-prometheus-alertmanager-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=golang-github-prometheus-node_exporter-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=golang-github-prometheus-prometheus-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=grafana-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ironic-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ironic-hardware-inventory-recorder-image-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ironic-inspector-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ironic-ipa-downloader-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ironic-rhcos-downloader-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ironic-static-ip-manager-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=jenkins-agent-maven-35-rhel7-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=kube-proxy-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=kube-rbac-proxy-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=kube-state-metrics-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=kuryr-cni-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=kuryr-controller-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=local-storage-static-provisioner-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=marketplace-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=multus-cni-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=openshift-enterprise-builder-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=openshift-enterprise-cli-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=openshift-enterprise-console-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=openshift-enterprise-console-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=openshift-enterprise-deployer-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=openshift-enterprise-haproxy-router-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=openshift-enterprise-hyperkube-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=openshift-enterprise-keepalived-ipfailover-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=openshift-enterprise-pod-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=openshift-enterprise-registry-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=openshift-enterprise-tests-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=openshift-jenkins-2-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=operator-lifecycle-manager-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=operator-registry-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-aws-machine-controllers-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-azure-machine-controllers-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-cli-artifacts-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-cloud-credential-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-cluster-authentication-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-cluster-autoscaler-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-cluster-bootstrap-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-cluster-config-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-cluster-dns-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-cluster-image-registry-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-cluster-ingress-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-cluster-kube-apiserver-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-cluster-kube-controller-manager-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-cluster-kube-scheduler-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-cluster-machine-approver-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-cluster-openshift-apiserver-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-cluster-openshift-controller-manager-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-cluster-samples-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-cluster-storage-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-cluster-update-keys-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-etcd-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-installer-artifacts-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-installer-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-libvirt-machine-controllers-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-machine-api-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-machine-config-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-multus-admission-controller-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-must-gather-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-openstack-machine-controllers-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-ovn-kubernetes-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-prometheus-adapter-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=ose-service-ca-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=prometheus-config-reloader-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=prometheus-operator-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=prom-label-proxy-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=telemeter-container
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=openshift-clients-0 AND versionEndExcluding=4.3.31-202007250052.p0.git.3329.59998b9.el7
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=openshift4/ose-azure-machine-controllers AND versionEndExcluding=v4.3.31-202007272153.p0
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=openshift4/ose-sriov-dp-admission-controller AND versionEndExcluding=v4.3.37-202009151447.p0
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.3
AND
product=openshift4/ose-azure-machine-controllers AND versionEndExcluding=v4.4.0-202006290400.p0
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.4
AND
product=openshift4/ose-descheduler AND versionEndExcluding=v4.4.0-202006290400.p0
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.4
AND
product=openshift4/ose-cloud-credential-operator AND versionEndExcluding=v4.4.0-202007060343.p0
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.4
AND
product=openshift4/ose-cluster-machine-approver AND versionEndExcluding=v4.4.0-202007171809.p0
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.4
AND
product=openshift4/ose-cluster-logging-operator AND versionEndExcluding=v4.5.0-202007012112.p0
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.5
AND
product=openshift-0 AND versionEndExcluding=4.5.0-202007012112.p0.git.0.582d7fc.el7
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.5
AND
product=openshift4/ose-cluster-kube-descheduler-operator AND versionEndExcluding=v4.5.0-202007131801.p0
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.5
AND
product=openshift4/ose-descheduler AND versionEndExcluding=v4.5.0-202007101023.p0
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.5
AND
product=openshift4/ose-elasticsearch-operator AND versionEndExcluding=v4.6.0-202010200139.p0
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4.6
AND
product=kubevirt-cpu-model-nfd-plugin-container
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=2.6
AND
product=kubevirt-cpu-node-labeller-container
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=2.6
AND
product=kubevirt-kvm-info-nfd-plugin-container
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=2.6
AND
product=vm-import-controller-container
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=2.6
AND
product=jaeger-rhel7-operator-container AND version=
vendor=Red Hat Enterprise Linux AND product=jaeger AND version=1.17
AND
product=3scale-istio-adapter-rhel8-container AND version=
vendor=Red Hat Enterprise Linux AND product=service_mesh AND version=1
AND
product=jaeger AND version=
vendor=Red Hat Enterprise Linux AND product=service_mesh AND version=1
AND
product=jaeger-operator AND version=
vendor=Red Hat Enterprise Linux AND product=service_mesh AND version=1
AND
product=atomic-openshift AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=3.11
AND
product=atomic-openshift-cluster-autoscaler AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=3.11
AND
product=atomic-openshift-descheduler AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=3.11
AND
product=golang-github-openshift-oauth-proxy AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=3.11
AND
product=openshift-enterprise-cluster-capacity AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=3.11
AND
product=openshift4/ose-baremetal-installer-rhel8 AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4
AND
product=openshift4/ose-baremetal-machine-controllers AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4
AND
product=openshift4/ose-baremetal-rhel8-operator AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4
AND
product=openshift4/ose-cluster-svcat-apiserver-operator AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4
AND
product=openshift4/ose-cluster-svcat-controller-manager-operator AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4
AND
product=openshift4/ose-console-operator AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4
AND
product=openshift4/ose-descheduler-operator AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4
AND
product=openshift4/ose-installer AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4
AND
product=openshift4/ose-installer-artifacts AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4
AND
product=openshift4/ose-libvirt-machine-controllers AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4
AND
product=openshift4/ose-local-storage-static-provisioner AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4
AND
product=openshift4/ose-metering-helm-container-rhel8 AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4
AND
product=openshift4/ose-operator-marketplace AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4
AND
product=openshift4/ose-ptp AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4
AND
product=openshift4/ose-service-catalog AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4
AND
product=openshift4/ose-vertical-pod-autoscaler-rhel8-operator AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4
AND
product=openshift-enterprise-service-catalog AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4
AND
product=template-service-broker-container AND version=
vendor=Red Hat Enterprise Linux AND product=openshift AND version=4
AND
product=ocs4/cephcsi-rhel8 AND version=
vendor=Red Hat Enterprise Linux AND product=openshift_container_storage AND version=4
AND
product=ember-csi-operator AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=kubevirt-cpu-node-labeller AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=kubevirt-metrics-collector AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=kubevirt-web-ui AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=kubevirt-web-ui-operator AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=multus-cni AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=ovs-cni-plugin AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=sriov-network-device-plugin AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=virt-api AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=virt-cdi-apiserver AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=virt-cdi-cloner AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=virt-cdi-controller AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=virt-cdi-importer AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=virt-cdi-operator AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=virt-cdi-uploadproxy AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=virt-cdi-uploadserver AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=virt-controller AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=virt-handler AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=virt-launcher AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=virt-operator AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=1
AND
product=kubevirt-cpu-node-labeller AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=2
AND
product=virt-api AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=2
AND
product=virt-cdi-apiserver AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=2
AND
product=virt-cdi-cloner AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=2
AND
product=virt-cdi-controller AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=2
AND
product=virt-cdi-importer AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=2
AND
product=virt-cdi-operator AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=2
AND
product=virt-cdi-uploadproxy AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=2
AND
product=virt-cdi-uploadserver AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=2
AND
product=virt-controller AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=2
AND
product=virt-handler AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=2
AND
product=virt-launcher AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=2
AND
product=virt-operator AND version=
vendor=Red Hat Enterprise Linux AND product=container_native_virtualization AND version=2
AND
product=heketi AND version=
vendor=Red Hat Enterprise Linux AND product=storage AND version=3
Reference
- https://bugzilla.redhat.com/show_bug.cgi?id=1804533
- https://groups.google.com/forum/#!topic/golang-announce/3L45YRc91SY
- https://access.redhat.com/errata/RHSA-2021:1129
- https://access.redhat.com/errata/RHSA-2020:3369
- https://access.redhat.com/errata/RHSA-2020:4264
- https://access.redhat.com/errata/RHBA-2020:3179
- https://access.redhat.com/errata/RHBA-2020:3180
- https://access.redhat.com/errata/RHSA-2020:3809
- https://access.redhat.com/errata/RHSA-2020:2790
- https://access.redhat.com/errata/RHSA-2020:2793
- https://access.redhat.com/errata/RHSA-2020:2878
- https://access.redhat.com/errata/RHSA-2020:3078
- https://access.redhat.com/errata/RHSA-2020:2412
- https://access.redhat.com/errata/RHSA-2020:2413
- https://access.redhat.com/errata/RHSA-2020:3414
- https://access.redhat.com/errata/RHSA-2020:4298
- https://access.redhat.com/errata/RHSA-2021:0799
Keywords