The source-to-image component of OpenShift Container Platform before versions atomic-openshift 3.7.53 and atomic-openshift 3.9.31 is vulnerable to a privilege escalation that allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly perform other actions, on the host that are normally only available to a root user.
The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openshift_container_platform | Redhat | * | 3.7.53 (excluding) |
Openshift_container_platform | Redhat | 3.9 (including) | 3.9 (including) |
Openshift_container_platform | Redhat | 3.9.31 (including) | 3.9.31 (including) |