Vulnerabilities > CVE-2019-3884 - Unspecified vulnerability in Redhat Openshift

CVSS 5.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

LOW

network

low complexity

redhat

NVD

Published: 2019-08-01

Updated: 2024-11-21

Summary

A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able spoof the UUID of a valid object from another namespace is able to delete children of those objects. Versions 3.6, 3.7, 3.8, 3.9, 3.10, 3.11 and 4.1 are affected.

Vulnerable Configurations

Part	Description	Count
Application	Redhat Redhat Openshift 3.7 Redhat Openshift 3.6 Redhat Openshift 3.8 Redhat Openshift 3.9 Redhat Openshift 3.10 Redhat Openshift 3.11 Redhat Openshift 4.1	7

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3884
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3884