CVE-2018-14632
CVE-2018-14632
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 7.7EPSS 1.9%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
06 set 2018Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform before 3.7. An attacker can use this flaw to cause a denial of service attack on the Openshift master api service which provides cluster management.
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Produtos afetados
Red Hat · atomic-openshiftQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://access.redhat.com/errata/RHBA-2018:2652https://access.redhat.com/errata/RHSA-2018:2654https://access.redhat.com/errata/RHSA-2018:2709https://access.redhat.com/errata/RHSA-2018:2906https://access.redhat.com/errata/RHSA-2018:2908https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14632https://github.com/evanphx/json-patch/commit/4c9aadca8f89e349c999f04e28199e96e81aba03#diff-65c563bba473be9d94ce4d033f74810e