An insecure modification vulnerability in the /etc/passwd...
Moderate severity
Unreviewed
Published
May 24, 2022
to the GitHub Advisory Database
•
Updated Feb 13, 2023
Description
Published by the National Vulnerability Database
Mar 18, 2020
Published to the GitHub Advisory Database
May 24, 2022
Last updated
Feb 13, 2023
An insecure modification vulnerability in the /etc/passwd file was found in the openshift/ocp-release-operator-sdk. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. This CVE is specific to the openshift/ansible-operator-container as shipped in Openshift 4.
References