CVE-2019-3884

CVSS 3.6 LOWEPSS 0.6%CWE-290

A vulnerability exists in the garbage collection mechanism of atomic-openshift. An attacker able spoof the UUID of a valid object from another namespace is able to delete children of those objects. Versions 3.6, 3.7, 3.8, 3.9, 3.10, 3.11 and 4.1 are affected.

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L

Productos afectados

Red Hat · atomic-openshift

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3884