8.8

CVE-2021-20182

EPSS 0.53%
Published 23.02.2021 22:15:12
Last modified 21.11.2024 05:46:05
Source secalert@redhat.com
Teams watchlist Login
Open Login

A privilege escalation flaw was found in openshift4/ose-docker-builder. The build container runs with high privileges using a chrooted environment instead of runc. If an attacker can gain access to this build container, they can potentially utilize the raw devices of the underlying node, such as the network and storage devices, to at least escalate their privileges to that of the cluster admin. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Redhat ≫ Openshift Container Platform Version >= 4.4 < 4.4.33

Redhat ≫ Openshift Container Platform Version >= 4.5 < 4.5.30

Redhat ≫ Openshift Container Platform Version >= 4.6 < 4.6.15

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.53%	0.645

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	6.5	8	6.4	AV:N/AC:L/Au:S/C:P/I:P/A:P

CWE-552 Files or Directories Accessible to External Parties

The product makes files or directories accessible to unauthorized actors, even though they should not be.

https://bugzilla.redhat.com/show_bug.cgi?id=1915110

Patch

Vendor Advisory

Issue Tracking

Mitigation

https://nvd.nist.gov/vuln/detail/CVE-2021-20182

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2021-20182

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2021-20182

EUVD