Lucene search
PRIOn knowledge basePRION:CVE-2021-3917HistoryAug 23, 2022 - 8:15 p.m.
Security feature bypass
2022-08-2320:15:00
PRIOn knowledge base
www.prio-n.com
4
coreos
installer
local attacker
sensitive data
confidentiality
vulnerability
A flaw was found in the coreos-installer, where it writes the Ignition config to the target system with world-readable access permissions. This flaw allows a local attacker to have read access to potentially sensitive data. The highest threat from this vulnerability is to confidentiality.
| CPE | Name | Operator | Version |
|---|---|---|---|
| coreos-installer | lt | 0.10.0 |
Related
cve
cve
CVE-2021-3917
2022-08-23 20:15:08
osv
osv
coreos-installer < 0.10.0 writes world-readable Ignition config to installed system
2021-11-08 18:01:13
CVE-2021-3917
2022-08-23 20:15:08
cvelist
cvelist
CVE-2021-3917
2022-08-23 19:03:22
redhatcve
redhatcve
CVE-2021-3917
2021-11-01 10:12:42
github
github
nessus
nessus
RHEL 8 : coreos-installer (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 7 / 8 : OpenShift Container Platform 4.9.0 (RHSA-2021:3758)
2022-09-15 00:00:00
RHEL 8 : OpenShift Container Platform 4.8.22 (RHSA-2021:4829)
2021-12-01 00:00:00
nvd
nvd
CVE-2021-3917
2022-08-23 20:15:08
redhat
redhat