7.7
CVE-2018-14632
- EPSS 0.85%
- Published 06.09.2018 14:29:00
- Last modified 21.11.2024 03:49:28
- Source secalert@redhat.com
- Teams watchlist Login
- Open Login
An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform before 3.7. An attacker can use this flaw to cause a denial of service attack on the Openshift master api service which provides cluster management.
Data is provided by the National Vulnerability Database (NVD)
Redhat ≫ Openshift Container Platform Version <= 3.7
Redhat ≫ Openshift Container Platform Version3.9
Redhat ≫ Openshift Container Platform Version3.10
Redhat ≫ Openshift Container Platform Version3.11
Starcounter-jack ≫ Json-patch Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.85% | 0.739 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 7.7 | 3.1 | 4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:P
|
| secalert@redhat.com | 7.7 | 3.1 | 4 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.