ReportizFlow
An insecure modification vulnerability flaw was found in containers using nmstate/kubernetes-nmstate-handler. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. Versions before kubernetes-nmstate-handler-container-v2.3.0-30 are affected.
Metrics
Affected Vendors & Products
| Vendors | Products |
|---|---|
| Nmstate |
|
| Redhat |
|
Configuration 1 [-]
|
Configuration 2 [-]
|
| Package | CPE | Advisory | Released Date |
|---|---|---|---|
| RHEL-8-CNV-2.3 | |||
| container-native-virtualization/kubevirt-cpu-model-nfd-plugin:v2.3.0-9 | cpe:/a:redhat:container_native_virtualization:2.3::el8 | RHEA-2020:2011 | 2020-05-04T00:00:00Z |
| container-native-virtualization/kubevirt-cpu-node-labeller:v2.3.0-9 | cpe:/a:redhat:container_native_virtualization:2.3::el8 | RHEA-2020:2011 | 2020-05-04T00:00:00Z |
| container-native-virtualization/kubevirt-kvm-info-nfd-plugin:v2.3.0-9 | cpe:/a:redhat:container_native_virtualization:2.3::el8 | RHEA-2020:2011 | 2020-05-04T00:00:00Z |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2021-06-07T19:52:30
Updated: 2024-08-04T06:46:30.869Z
Reserved: 2019-11-27T00:00:00
Link: CVE-2020-1742
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-06-07T20:15:08.037
Modified: 2024-11-21T05:11:17.363
Link: CVE-2020-1742
Redhat