CVE-2019-14819

Description

A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster. Using CRI-O, the dockergc service account is assigned to the current namespace of the user performing the upgrade. This flaw can allow an unprivileged user to escalate their privileges to those allowed by the privileged Security Context Constraints.

CVSS Version 3.1
CVSS Version 3.0
CVSS Version 2.0

nvd
CVE ID: CVE-2019-14819
Base Score: 8.8
Base Severity: HIGH
Vector String:CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 2.8

redhat
CVE ID: CVE-2019-14819
Base Score: 7.5
Base Severity: HIGH
Vector String:CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

nvd
CVE ID: CVE-2019-14819
Base Score: 6.5
Base Severity: MEDIUM
Vector String:AV:N/AC:L/Au:S/C:P/I:P/A:P

Refrence: NVD MITRE

Description​

Description