CVE-2021-3948 in Konveyor and Red Hat Products
Published on February 18, 2022
An incorrect default permissions vulnerability was found in the mig-controller. Due to an incorrect cluster namespaces handling an attacker may be able to migrate a malicious workload to the target cluster, impacting confidentiality, integrity, and availability of the services located on that cluster.
Weakness Type
Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
Products Associated with CVE-2021-3948
stack.watch emails you whenever new vulnerabilities are published in Konveyor Mig Controller or Red Hat Migration Toolkit. Just hit a watch button to start following.
Exploit Probability
EPSS
0.19%
Percentile
40.92%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.