CVE-2020-14336

Description

A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets. This flaw allows an attacker to cause a denial of service attack on an OpenShift Container Platform cluster if they can deploy pods. The highest threat from this vulnerability is to system availability.

Affected Software
References

Software	From	Fixed in
redhat / openshift_container_platform	3.11	3.11.x
redhat / openshift_container_platform	4.5.16	4.5.16.x
redhat / openshift_container_platform	4.6	4.6.x

https://bugzilla.redhat.com/show_bug.cgi?id=1858981

Severity: Medium

CVE: CVE-2020-14336
Published: Jun 2, 2021
Updated: Apr 13, 2023
Exploit:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Low
Score: 4
AV:N/AC:L/Au:S/C:N/I:N/A:P

CWE-770

CVE-2020-14336

Description

Details

CVSS v3

CVSS v2

CWEs