CVE-2019-19354
published 2021-03-24CVE-2019-19354: An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/hadoop as shipped in Red Hat Openshift 4. An attacker with…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
An insecure modification vulnerability in the /etc/passwd file was found in the operator-framework/hadoop as shipped in Red Hat Openshift 4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| operator-framework | hadoop | — | — |
| redhat | openshift_container_platform | >= 4.4 < 4.4.3 | 4.4.3 |