CVE-2021-3948 in Konveyor and Red Hat Products
Published on February 18, 2022
An incorrect default permissions vulnerability was found in the mig-controller. Due to an incorrect cluster namespaces handling an attacker may be able to migrate a malicious workload to the target cluster, impacting confidentiality, integrity, and availability of the services located on that cluster.
Weakness Type
Incorrect Default Permissions
During installation, installed file permissions are set to allow anyone to modify those files.
Products Associated with CVE-2021-3948
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-3948 are published in these products:
Exploit Probability
EPSS
0.19%
Percentile
41.24%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.