7.7
CVE-2018-14632
- EPSS 0.85%
- Veröffentlicht 06.09.2018 14:29:00
- Zuletzt bearbeitet 21.11.2024 03:49:28
- Quelle secalert@redhat.com
- Teams Watchlist Login
- Unerledigt Login
An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform before 3.7. An attacker can use this flaw to cause a denial of service attack on the Openshift master api service which provides cluster management.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Redhat ≫ Openshift Container Platform Version <= 3.7
Redhat ≫ Openshift Container Platform Version3.9
Redhat ≫ Openshift Container Platform Version3.10
Redhat ≫ Openshift Container Platform Version3.11
Starcounter-jack ≫ Json-patch Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
Typ | Quelle | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 0.85% | 0.739 |
Quelle | Base Score | Exploit Score | Impact Score | Vector String |
---|---|---|---|---|
nvd@nist.gov | 7.7 | 3.1 | 4 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
|
nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:P
|
secalert@redhat.com | 7.7 | 3.1 | 4 |
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.