CVE-2018-10843

source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host which are normally only available to a root user.

Published: Jul 2, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-10843
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9
AV:N/AC:L/Au:S/C:C/I:C/A:C

CWEs:

CWE-732

Affected Software
References

Software	From	Fixed in
redhat / openshift_container_platform	3.9	3.9.x
redhat / openshift_container_platform	3.9.31	3.9.31.x
redhat / openshift_container_platform	-	3.7.53

https://access.redhat.com/errata/RHSA-2018:2013
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10843

Vulnerability Database

289,599

CVE-2018-10843