/etc/passwd is given incorrect privileges

Author:


Keywords:

Status: NEW

Alias:

 CVE-2020-10695

Product:

 Security Response

Classification:

 Other

Component:

vulnerability

Version:

 unspecified

Hardware:

 All

OS:

 Linux
medium
medium

Target Milestone:

Assignee:

 Red Hat Product Security

QA Contact:

Docs Contact:

URL:

Whiteboard:

Depends On:

Blocks:

1776664
TreeView+
depends on /

blocked

 

Reported: 2020-03-26 14:16 UTC by Paramvir jindal
Modified: 2020-03-26 15:37 UTC
(History)
7
users

(show)

Fixed In Version:

Doc Type:

 If docs needed, set a value

Doc Text:

An insecure modification vulnerability in the /etc/passwd file was found in the redhat-sso-7 container. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.

Clone Of:

Environment:

Last Closed:



Source link

Write a comment:
*

Your email address will not be published.

RELATED STORIES
Category Product Vulnerabilities

Medium CVE-2020-15072: Phplist Phplist

July 10, 2020
https://blog.telspace.co.za/2020/07/phplist-cve-2020-15072-cve-2020-15073.html. https://discuss.phplist.org/t/phplist-3-5-5-has-been-released/6377. https://www.phplist. Source link
Read More
Category Product Vulnerabilities

Medium CVE-2020-15584: Google Android

July 10, 2020
Description: An issue was discovered on Samsung mobile devices with Q(10.0) software. Attackers can trigger...
Read More
Category Product Vulnerabilities

Medium CVE-2020-15581: Google Android

July 10, 2020
Description: An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software....
Read More
Category Product Vulnerabilities

Low CVE-2020-15578: Google Android

July 10, 2020
Description: An issue was discovered on Samsung mobile devices with O(8.x) software. FactoryCamera does not...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

CVE-2020-8197 – Alert Detail – Security Database

July 10, 2020
Executive Summary Informations Name CVE-2020-8197 First vendor Publication 2020-07-10 Vendor Cve Last vendor Modification 2020-07-10...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

CVE-2020-8198 – Alert Detail – Security Database

July 10, 2020
Executive Summary Informations Name CVE-2020-8198 First vendor Publication 2020-07-10 Vendor Cve Last vendor Modification 2020-07-10...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

CVE-2020-8196 – Alert Detail – Security Database

July 10, 2020
Executive Summary Informations Name CVE-2020-8196 First vendor Publication 2020-07-10 Vendor Cve Last vendor Modification 2020-07-10...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

CVE-2020-8194 – Alert Detail – Security Database

July 10, 2020
Executive Summary Informations Name CVE-2020-8194 First vendor Publication 2020-07-10 Vendor Cve Last vendor Modification 2020-07-10...
Read More
vamtam-theme-circle-post
Category Product Vulnerabilities

CVE-2020-8187 – Alert Detail – Security Database

July 10, 2020
Executive Summary Informations Name CVE-2020-8187 First vendor Publication 2020-07-10 Vendor Cve Last vendor Modification 2020-07-10...
Read More
Category Product Vulnerabilities

Medium CVE-2020-15466: Wireshark Wireshark

July 10, 2020
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16029. https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=11f40896b696e4e8c7f8b2ad96028404a83a51a4. https://www.wireshark.org/security/wnpa-sec-2020-09. Source link
Read More
digitpol
scale
element-support
Call Center
+31 55 8448040
element-map
Location

Global

International Cyber Crime Investigation

Digitpol is licensed by the Ministry of Justice: Licence Number POB1557

©Digitpol. All images and content are copyright of Digitpol and can not be used, replicated or reproduced without written permission. 2019.

Privacy  /   Terms and Policy   /   Site map  /   Contact