CVE-2025-7195 (CNNVD-202508-640)
MEDIUM
中文标题:
Red Hat File Integrity Operator 安全漏洞
英文标题:
Operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd
CVSS分数:
5.2
发布时间:
2025-08-07 19:05:08
漏洞类型:
其他
状态:
PUBLISHED
数据质量分数:
0.40
数据版本:
v8
漏洞描述
中文描述:
Red Hat File Integrity Operator是美国红帽(Red Hat)公司的一个文件完整性检测软件。 Red Hat File Integrity Operator 0.15.2之前版本存在安全漏洞,该漏洞源于user_setup脚本修改/etc/passwd文件权限不当,可能导致容器内权限提升。
英文描述:
Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, user_setup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used Operator-SDK before 0.15.2 to scaffold their operator may still be impacted by this if the insecure user_setup script is still being used to build new container images. In affected images, the /etc/passwd file is created during build time with group-writable permissions and a group ownership of root (gid=0). An attacker who can execute commands within an affected container, even as a non-root user, may be able to leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.
CWE类型:
CWE-276
标签:
(暂无数据)
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| Red Hat | multicluster engine for Kubernetes 2.7 | 2.7 | - | - |
cpe:/a:redhat:multicluster_engine:2.7::el9
|
| Red Hat | multicluster engine for Kubernetes 2.9 | 2.9 | - | - |
cpe:/a:redhat:multicluster_engine:2.9::el9
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.12 | 2.12 | - | - |
cpe:/a:redhat:acm:2.12::el9
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.14 | 2.14 | - | - |
cpe:/a:redhat:acm:2.14::el9
|
| Red Hat | File Integrity Operator | - | - | - |
cpe:/a:redhat:openshift_file_integrity_operator:1
|
| Red Hat | Multicluster Engine for Kubernetes | - | - | - |
cpe:/a:redhat:multicluster_engine
|
| Red Hat | Multicluster Global Hub | - | - | - |
cpe:/a:redhat:multicluster_globalhub
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2 | - | - | - |
cpe:/a:redhat:acm:2
|
| Red Hat | Red Hat Advanced Cluster Security 4 | - | - | - |
cpe:/a:redhat:advanced_cluster_security:4
|
| Red Hat | Red Hat build of Apicurio Registry 3 | - | - | - |
cpe:/a:redhat:apicurio_registry:3
|
| Red Hat | Red Hat Fuse 7 | - | - | - |
cpe:/a:redhat:jboss_fuse:7
|
| Red Hat | Red Hat OpenShift Container Platform 4 | - | - | - |
cpe:/a:redhat:openshift:4
|
| Red Hat | Red Hat Openshift Data Foundation 4 | - | - | - |
cpe:/a:redhat:openshift_data_foundation:4
|
| Red Hat | Red Hat OpenShift Dev Workspaces Operator | - | - | - |
cpe:/a:redhat:devworkspace
|
| Red Hat | Red Hat OpenShift Virtualization 4 | - | - | - |
cpe:/a:redhat:container_native_virtualization:4
|
| Red Hat | Red Hat Web Terminal | - | - | - |
cpe:/a:redhat:webterminal:1
|
| operator-framework | operator-sdk | - | < 0.15.2 | - |
cpe:2.3:a:operator-framework:operator-sdk:*:*:*:*:*:*:*:*
|
| Red Hat | RHEL-9-CNV-4.17 | 4.17 | - | - |
cpe:/a:redhat:container_native_virtualization:4.17::el9
|
| Red Hat | RHEL-9-CNV-4.18 | 4.18 | - | - |
cpe:/a:redhat:container_native_virtualization:4.18::el9
|
| Red Hat | RHEL-9-CNV-4.20 | 4.20 | - | - |
cpe:/a:redhat:container_native_virtualization:4.20::el9
|
| Red Hat | Compliance Operator 1 | 1 | - | - |
cpe:/a:redhat:openshift_compliance_operator:1::el9
|
| Red Hat | File Integrity Operator 1 | 1 | - | - |
cpe:/a:redhat:openshift_file_integrity_operator:1::el9
|
| Red Hat | multicluster engine for Kubernetes 2.6 | 2.6 | - | - |
cpe:/a:redhat:multicluster_engine:2.6::el9
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.11 | 2.11 | - | - |
cpe:/a:redhat:acm:2.11::el9
|
| Red Hat | Red Hat Openshift Data Foundation 4.14 | 4.14 | - | - |
cpe:/a:redhat:openshift_data_foundation:4.14::el9
|
| Red Hat | Red Hat Openshift Data Foundation 4.15 | 4.15 | - | - |
cpe:/a:redhat:openshift_data_foundation:4.15::el9
|
| Red Hat | Red Hat Openshift Data Foundation 4.16 | 4.16 | - | - |
cpe:/a:redhat:openshift_data_foundation:4.16::el9
|
| Red Hat | Red Hat Openshift Data Foundation 4.17 | 4.17 | - | - |
cpe:/a:redhat:openshift_data_foundation:4.17::el9
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 | 4.18 | - | - |
cpe:/a:redhat:openshift_data_foundation:4.18::el9
|
| Red Hat | Red Hat build of Apicurio Registry 2 | - | - | - |
cpe:/a:redhat:service_registry:2
|
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
RHSA-2025:19332
vendor-advisory
cve.org
访问
cve.org
RHSA-2025:19335
vendor-advisory
cve.org
访问
cve.org
RHSA-2025:19958
vendor-advisory
cve.org
访问
cve.org
RHSA-2025:19961
vendor-advisory
cve.org
访问
cve.org
无标题
vdb-entry
cve.org
访问
cve.org
RHBZ#2376300
issue-tracking
cve.org
访问
cve.org
RHEA-2025:23406
vendor-advisory
cve.org
访问
cve.org
RHEA-2025:23478
vendor-advisory
cve.org
访问
cve.org
RHEA-2026:0129
vendor-advisory
cve.org
访问
cve.org
RHSA-2025:21368
vendor-advisory
cve.org
访问
cve.org
RHSA-2025:21885
vendor-advisory
cve.org
访问
cve.org
RHSA-2025:22415
vendor-advisory
cve.org
访问
cve.org
RHSA-2025:22416
vendor-advisory
cve.org
访问
cve.org
RHSA-2025:22418
vendor-advisory
cve.org
访问
cve.org
RHSA-2025:22420
vendor-advisory
cve.org
访问
cve.org
RHSA-2025:22683
vendor-advisory
cve.org
访问
cve.org
RHSA-2025:22684
vendor-advisory
cve.org
访问
cve.org
RHSA-2025:23528
vendor-advisory
cve.org
访问
cve.org
RHSA-2025:23529
vendor-advisory
cve.org
访问
cve.org
RHSA-2025:23542
vendor-advisory
cve.org
访问
cve.org
secalert@redhat.com
OTHER
nvd.nist.gov
访问
nvd.nist.gov
secalert@redhat.com
OTHER
nvd.nist.gov
访问
nvd.nist.gov
secalert@redhat.com
OTHER
nvd.nist.gov
访问
nvd.nist.gov
secalert@redhat.com
OTHER
nvd.nist.gov
访问
nvd.nist.gov
secalert@redhat.com
OTHER
nvd.nist.gov
访问
nvd.nist.gov
CVSS评分详情
3.1 (cna)
MEDIUM
5.2
CVSS向量:
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L
机密性
LOW
完整性
HIGH
可用性
LOW
时间信息
发布时间:
2025-08-07 19:05:08
修改时间:
2025-11-11 13:41:25
创建时间:
2025-11-11 15:40:51
更新时间:
2026-03-07 06:00:01
利用信息
暂无可利用代码信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2025-7195 |
2025-11-11 15:23:35 | 2025-11-11 07:40:51 |
| NVD | nvd_CVE-2025-7195 |
2025-11-11 15:00:58 | 2025-11-11 07:48:37 |
| CNNVD | cnnvd_CNNVD-202508-640 |
2025-11-11 15:12:52 | 2025-11-11 08:00:08 |
版本与语言
当前版本:
v8
主要语言:
EN
支持语言:
ZH
EN
安全公告
暂无安全公告信息
变更历史
v8
NVD
2026-02-12 06:00:06
references_count: 24 → 25
查看详细变更
- references_count: 24 -> 25
v7
NVD
2026-01-17 06:00:15
references_count: 23 → 24
查看详细变更
- references_count: 23 -> 24
v6
NVD
2026-01-16 02:48:08
references_count: 21 → 23
查看详细变更
- references_count: 21 -> 23
v5
NVD
2026-01-15 06:00:28
references_count: 20 → 21
查看详细变更
- references_count: 20 -> 21
v4
CVE
2026-01-12 02:12:33
affected_products_count: 16 → 30; references_count: 6 → 20
查看详细变更
- affected_products_count: 16 -> 30
- references_count: 6 -> 20
v3
CNNVD
2025-11-11 16:00:08
vulnerability_type: 未提取 → 其他; cnnvd_id: 未提取 → CNNVD-202508-640; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
- vulnerability_type: 未提取 -> 其他
- cnnvd_id: 未提取 -> CNNVD-202508-640
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2
NVD
2025-11-11 15:48:37
affected_products_count: 85 → 16; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
- affected_products_count: 85 -> 16
- data_sources: ['cve'] -> ['cve', 'nvd']