CVE-2020-14336
MEDIUMOpenShift Container Platform - Denial of Service via Custom Network Packet Crafting
Title source: llmDescription
A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft custom network packets. This flaw allows an attacker to cause a denial of service attack on an OpenShift Container Platform cluster if they can deploy pods. The highest threat from this vulnerability is to system availability.
References (1)
Core 1
Core References
Issue Tracking, Mitigation, Vendor Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=1858981
Scores
CVSS v3
6.5
EPSS
0.0033
EPSS Percentile
55.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-770
Status
published
Products (3)
redhat/openshift_container_platform
3.11
redhat/openshift_container_platform
4.5.16
redhat/openshift_container_platform
4.6
Published
Jun 02, 2021
Tracked Since
Feb 18, 2026