CVE-2018-20871
UnknownEPSS 2.17%
Last modified
CVE-2018-20871 is a vulnerability of currently unknown severity. In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on root_squash, weak file permissions ("other" write access) occur in certain cases (GE-6890).. EPSS estimates a 2.17% chance of exploitation in the next 30 days.
Description
In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on root_squash, weak file permissions ("other" write access) occur in certain cases (GE-6890).
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Univa | Grid Engine | 8.6.3 |
References
- http://www.univa.com/resources/files/Release_Notes_Univa_Grid_Engine_8.6.6.pdfRelease Notes, Vendor Advisory
- http://www.univa.com/resources/files/Release_Notes_Univa_Grid_Engine_8.6.6.pdfRelease Notes, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2018-20871?
In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on root_squash, weak file permissions ("other" write access) occur in certain cases (GE-6890).
How severe is CVE-2018-20871?
Severity scoring for CVE-2018-20871 is pending analysis. The EPSS model estimates a 2.17% probability of exploitation in the next 30 days.
How do I fix CVE-2018-20871?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2018-20871?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST