/etc/passwd is given incorrect privileges

Author:


Keywords:

Status: NEW

Alias:

 CVE-2020-10695

Product:

 Security Response

Classification:

 Other

Component:

vulnerability

Version:

 unspecified

Hardware:

 All

OS:

 Linux
medium
medium

Target Milestone:

Assignee:

 Red Hat Product Security

QA Contact:

Docs Contact:

URL:

Whiteboard:

Depends On:

Blocks:

1776664
TreeView+
depends on /

blocked

 

Reported: 2020-03-26 14:16 UTC by Paramvir jindal
Modified: 2020-03-26 15:37 UTC
(History)
7
users

(show)

Fixed In Version:

Doc Type:

 If docs needed, set a value

Doc Text:

An insecure modification vulnerability in the /etc/passwd file was found in the redhat-sso-7 container. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.

Clone Of:

Environment:

Last Closed:



Source link

You must be logged in to post a comment.

RELATED STORIES
Category Product Vulnerabilities

CVE-2021-26960

March 5, 2021
Description. A remote unauthenticated cross-site request forgery (csrf) vulnerability was discovered in Aruba AirWave Management...
Read More
Category Product Vulnerabilities

Cisco Releases Security Updates – Kashif Ali

March 4, 2021
Original release date: March 4, 2021 Cisco has released security updates to address a vulnerability...
Read More
Category Product Vulnerabilities

Ubuntu Security Notice USN-4754-4 – KK Hack Labs

March 3, 2021
Ubuntu Security Notice 4754-4 – USN-4754-1 fixed vulnerabilities in Python. Because of a regression, a...
Read More
Category Product Vulnerabilities

Security Researcher Alex Birsan Hacks Tech Companies

March 2, 2021
Recently, an enterprising security researcher, Alex Birsan hacked tech companies and managed to pocket over...
Read More
Category Product Vulnerabilities

Critical vulnerability found in Snow Software’s Inventory Agent

March 1, 2021
Critical vulnerability found in Snow Software’s Inventory Agent A vulnerability in Snow Software’s Snow Inventory Agent...
Read More
Category Product Vulnerabilities

Attack Defence: Windows Basic Exploitation #4

February 28, 2021
Hello everyone, I have returned to tackle part four of my series on Windows exploitation,...
Read More
Category Product Vulnerabilities

Yeastar NeoGate TG400 路径遍历漏洞 CVE-2021-27328 2021-02-27

February 27, 2021
Yeastar NeoGate TG400 中存在路径遍历漏洞。该漏洞源于产品未能正确地过滤资源或文件路径中的特殊元素,经过身份验证的用户可以解密固件,并可以读取敏感信息,如密码或解密密钥。以下产品及版本受到影响:Yeastar NeoGate TG400 91.3.0.3。 Copyright © 北京奇虎科技有限公司 360网络攻防实验室 安全客 All Rights Reserved...
Read More
Category Product Vulnerabilities

Medium CVE-2021-22649: Luxion Keyshot

February 26, 2021
Description: Luxion KeyShot versions prior to 10.1, Luxion KeyShot Viewer versions prior to 10.1, Luxion...
Read More
Category Product Vulnerabilities

SLMail 5.1.0.4420 Remote Code Execution

February 25, 2021
# -*- coding: utf-8 -*- import socket from time import sleep from os import system...
Read More
Category Product Vulnerabilities

Ransomware gang extorts jet maker Bombardier after Accellion breach

February 24, 2021
Source: Bombardier Business jet maker Bombardier is the latest company to suffer a data breach...
Read More
digitpol
scale
element-support
Call Center
+31 55 8448040
element-map
Location

Global

International Cyber Crime Investigation

Digitpol is licensed by the Ministry of Justice: Licence Number POB1557

©Digitpol. All images and content are copyright of Digitpol and can not be used, replicated or reproduced without written permission. 2019.

Privacy  /   Terms and Policy   /   Site map  /   Contact