Vulnerabilities > CVE-2019-19350 - Incorrect Privilege Assignment vulnerability in Redhat Openshift 3.11/4.0
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ansible-service-broker as shipped in Red Hat Openshift 4 and 3.11. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |