Out Of Bounds Write Vulnerability in OpenShift Container Platform
CVE-2018-14632

7.7HIGH

Key Information:

Vendor
Red Hat
Status
Atomic-openshift
Vendor
CVE Published:
6 September 2018

Summary

An out of bounds write vulnerability exists in the OpenShift Container Platform, specifically when utilizing the 'oc patch' functionality. This flaw can lead to a denial of service condition affecting the OpenShift master API service, which is essential for cluster management. An attacker could exploit this weakness to disrupt the normal operations of the service, highlighting the importance of timely updates and system patch management.

Affected Version(s)

atomic-openshift atomic-openshift-3.7

References

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14632
x_refsource_CONFIRM
https://github.com/evanphx/json-patch/commit/4c9aadca8f89...
x_refsource_CONFIRM
https://access.redhat.com/errata/RHBA-2018:2652
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
7.7
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.