CVE-2018-1069

Severity CVSS v4.0:
Pending analysis
Type:
CWE-284 Improper Access Control
Publication date:
09/03/2018
Last modified:
17/06/2026

Description

Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container network filesystems. An attacker could override the UserId and GroupId for GlusterFS and NFS to read and write any data on the network filesystem.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:redhat:openshift:3.7:*:*:*:enterprise:*:*:*