CVE-2021-3344 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-3344 PUBLISHED CVSS 8.800000190734863 HIGH

A privilege escalation flaw was found in OpenShift builder. During build time, credentials outside the build context are automatically mounted into the container image under construction. An OpenShift user, able to execute code during build time inside this container can re-use the credentials to overwrite arbitrary container images in internal registries and/or escalate their privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. This affects github.com/openshift/builder v0.0.0-20210125201112-7901cb396121 and before.

EPSS 0.68% · 71.4th percentile

Risk Scores

CVSS v3.1

8.800000190734863

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.68%

71.4th percentile

Affected Products

Vendor	Product	Versions
redhat	openshift_builder	0
n/a	openshift/builder	before github.com/openshift/builder v0.0.0-20210125201112-7901cb396121
redhat	openshift_container_platform	4.5, 4.6

Timeline

Mar 16, 2021 CVE Published
Apr 14, 2021 EPSS Score
Jun 22, 2021 EPSS Score
Aug 23, 2021 EPSS Score
Dec 25, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Feb 25, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Apr 28, 2022 EPSS Score
Aug 31, 2022 EPSS Score
Nov 1, 2022 EPSS Score

References

https://bugzilla.redhat.com/show_bug.cgi?id=1921450 url

Open in Interactive Console →