CVE-2019-14819
HIGHOpenShift Container Platform - Privilege Escalation via dockergc Service Account Assignment
Title source: llmDescription
A flaw was found during the upgrade of an existing OpenShift Container Platform 3.x cluster. Using CRI-O, the dockergc service account is assigned to the current namespace of the user performing the upgrade. This flaw can allow an unprivileged user to escalate their privileges to those allowed by the privileged Security Context Constraints.
References (1)
Core 1
Core References
Exploit, Issue Tracking, Third Party Advisory x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14819
Scores
CVSS v3
8.8
EPSS
0.0026
EPSS Percentile
49.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-269
CWE-266
CWE-270
Status
published
Products (2)
redhat/openshift_container_platform
3.10
redhat/openshift_container_platform
3.11
Published
Jan 07, 2020
Tracked Since
Feb 18, 2026