{
  "threat_severity" : "Important",
  "public_date" : "2016-03-10T00:00:00Z",
  "bugzilla" : {
    "description" : "Privilege escalation when changing root password in sti builder image",
    "id" : "1316127",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1316127"
  },
  "cvss" : {
    "cvss_base_score" : "7.1",
    "cvss_scoring_vector" : "AV:N/AC:H/Au:S/C:C/I:C/A:C",
    "status" : "verified"
  },
  "details" : [ "Red Hat OpenShift Enterprise 3.2 and OpenShift Origin allow remote authenticated users to execute commands with root privileges by changing the root password in an sti builder image.", "A flaw was found in the building of containers within OpenShift Enterprise. An attacker could submit an image for building that executes commands within the container as root, allowing them to potentially escalate privileges." ],
  "affected_release" : [ {
    "product_name" : "Red Hat OpenShift Container Platform 3.2",
    "release_date" : "2016-05-12T00:00:00Z",
    "advisory" : "RHSA-2016:1064",
    "cpe" : "cpe:/a:redhat:openshift:3.2::el7",
    "package" : "atomic-openshift-0:3.2.0.20-1.git.0.f44746c.el7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2016-2160\nhttps://nvd.nist.gov/vuln/detail/CVE-2016-2160" ],
  "name" : "CVE-2016-2160",
  "csaw" : false
}