CVE-2018-14632 HIGH

CVE-2018-14632

Vendor Red Hat
Product atomic-openshift
Weakness CWE-787
Published September 6, 2018
Last update August 5, 2024

CVSS base score

7.7/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

What the vulnerability does

01Description

An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform before 3.7. An attacker can use this flaw to cause a denial of service attack on the Openshift master api service which provides cluster management.

Key dates

02Disclosure timeline

September 6, 2018 CVE published
August 5, 2024 Record updated