An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/jenkins. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/jenkins-slave-base-rhel7-containera as shipped in Openshift 4 and 3.11.
Weakness
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Openshift | Redhat | 3.11 (including) | 3.11 (including) |
| Openshift | Redhat | 4.0 (including) | 4.0 (including) |
| Red Hat OpenShift Container Platform 3.11 | RedHat | openshift3/jenkins-slave-base-rhel7:v3.11.188-2 | * |
| Red Hat OpenShift Container Platform 4.2 | RedHat | openshift4/ose-jenkins-agent-base:v4.2.20-202002171604 | * |
| Red Hat OpenShift Container Platform 4.3 | RedHat | openshift4/ose-jenkins-agent-base:v4.3.3-202002171705 | * |