CyberSec.Space Logo
Back to CVE Browser

CVE-2019-14819

HIGH
8.8
CVSS Severity Score
EPSS Score0.1980%
EPSS Percentile1.10th
PublishedJan 7, 2020
Last ModifiedNov 21, 2024

Vulnerability Description

A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster. Using CRI-O, the dockergc service account is assigned to the current namespace of the user performing the upgrade. This flaw can allow an unprivileged user to escalate their privileges to those allowed by the privileged Security Context Constraints.

Affected Platforms (CPE)

📦
Redhat

Openshift Container Platform

= 3.10
📦
Redhat

Openshift Container Platform

= 3.11

References & Advisories

🔗 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14819
🔗 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14819

Related Vulnerabilities

CVE-2019-38999.8

It was found that default configuration of Heketi does not require any authentication potentially exposing the management interfac...

CVE-2018-108438.5

source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vuln...

CVE-2021-201988.1

A flaw was found in the OpenShift Installer before version v0.9.0-master.0.20210125200451-95101da940b0. During installation of Ope...

CVE-2018-146327.7

An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platfo...