CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-1704

An insecure modification vulnerability in the /etc/passwd file was found in all versions of OpenShift ServiceMesh (maistra) before 1.0.8 in the openshift/istio-kialia-rhel7-operator-container. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.8%

CVSS Severity

CVSS v3 Score 7.0

CVSS v2 Score 4.6

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1704
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1704

Products affected by CVE-2020-1704

Redhat » Openshift Service Mesh » Version: N/A

cpe:2.3:a:redhat:openshift_service_mesh:-
Redhat » Openshift Service Mesh » Version: 1.0

cpe:2.3:a:redhat:openshift_service_mesh:1.0
Redhat » Openshift Service Mesh » Version: 1.0.7

cpe:2.3:a:redhat:openshift_service_mesh:1.0.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-1704

Products

Pricing

Contact Us