CVSS: 7.1EPSS: 0%CPEs: 7EXPL: 0CVE-2017-1002102 – kubernetes: Malicious containers can delete any file from the node
https://notcve.org/view.php?id=CVE-2017-1002102
12 Mar 2018 — In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using a secret, configMap, projected or downwardAPI volume can trigger deletion of arbitrary files/directories from the nodes where they are running. En Kubernetes, en versiones 1.3.x, 1.4.x, 1.5.x, 1.6.x y en versiones anteriores a la 1.7.14, 1.8.9 y 1.9.4, los contenedores que emplean un volumen secreto, configMap, proyectado o downwardAPI pueden desencadenar la eliminación de archivos/directorios ar... • https://access.redhat.com/errata/RHSA-2018:0475 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 9.6EPSS: 0%CPEs: 7EXPL: 1CVE-2017-1002101 – kubernetes: Volume security can be sidestepped with innocent emptyDir and subpath
https://notcve.org/view.php?id=CVE-2017-1002101
12 Mar 2018 — In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type (including non-privileged pods, subject to file permissions) can access files/directories outside of the volume, including the host's filesystem. En Kubernetes, en versiones 1.3.x, 1.4.x, 1.5.x, 1.6.x y en versiones anteriores a la 1.7.14, 1.8.9 y 1.9.4, los contenedores que emplean montajes de volumen subpath con cualquier tipo de volumen (incluyendo po... • https://github.com/bgeesaman/subpath-exploit • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 6.5EPSS: 0%CPEs: 23EXPL: 0CVE-2017-1002100
https://notcve.org/view.php?id=CVE-2017-1002100
14 Sep 2017 — Default access permissions for Persistent Volumes (PVs) created by the Kubernetes Azure cloud provider in versions 1.6.0 to 1.6.5 are set to "container" which exposes a URI that can be accessed without authentication on the public internet. Access to the URI string requires privileged access to the Kubernetes cluster or authenticated access to the Azure portal. Los permisos de acceso por defecto para volúmenes persistentes (PV) creados por el proveedor de servicios en la nube Kubernetes en Azure, en sus ver... • https://github.com/kubernetes/kubernetes/issues/47611 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-7561
https://notcve.org/view.php?id=CVE-2015-7561
07 Aug 2017 — Kubernetes in OpenShift3 allows remote authenticated users to use the private images of other users should they know the name of said image. Kubernetes en OpenShift3 permite que atacantes remotos autenticados empleen las imágenes privadas de otros usuarios si conocen el nombre de dicha imagen. • https://bugzilla.redhat.com/show_bug.cgi?id=1291963 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2017-1000056
https://notcve.org/view.php?id=CVE-2017-1000056
13 Jul 2017 — Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object. En Kubernetes versión 1.5.0 hasta 1.5.4, es vulnerable a una escalada de privilegios en el plugin admission de PodSecurityPolicy, resultando en la capacidad de hacer uso de cualquier objeto PodSecurityPolicy existente. • https://github.com/kubernetes/kubernetes/issues/43459 • CWE-862: Missing Authorization •
CVSS: 8.1EPSS: 0%CPEs: 4EXPL: 1CVE-2016-7075 – 3: API server does not validate client-provided intermediate certificates correctly
https://notcve.org/view.php?id=CVE-2016-7075
18 Oct 2016 — It was found that Kubernetes as used by Openshift Enterprise 3 did not correctly validate X.509 client intermediate certificate host name fields. An attacker could use this flaw to bypass authentication requirements by using a specially crafted X.509 certificate. Se ha descubierto que Kubernetes, tal y como se emplea en Openshift Enterprise 3, no valida los campos de nombre del host del certificado intermediario de cliente X.509. Un atacante podría emplear este error para omitir los requisitos de autenticac... • https://access.redhat.com/errata/RHSA-2016:2064 • CWE-295: Improper Certificate Validation •
CVSS: 7.7EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1905 – server: patch operation should use patched object to check admission control
https://notcve.org/view.php?id=CVE-2016-1905
27 Jan 2016 — The API server in Kubernetes does not properly check admission control, which allows remote authenticated users to access additional resources via a crafted patched object. El servidor API en Kubernetes no comprueba correctamente el control de admisión, lo que permite a usuarios remotos autenticados acceder a recursos adicionales a través de un objeto parcheado manipulado. An authorization flaw was discovered in Kubernetes; the API server did not properly check user permissions when handling certain request... • https://access.redhat.com/errata/RHSA-2016:0070 • CWE-284: Improper Access Control CWE-285: Improper Authorization •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2016-1906 – server: build config to a strategy that isn't allowed by policy
https://notcve.org/view.php?id=CVE-2016-1906
27 Jan 2016 — Openshift allows remote attackers to gain privileges by updating a build configuration that was created with an allowed type to a type that is not allowed. Openshift, permite a los atacantes remotos alcanzar privilegios mediante la actualización de una configuración de compilación que fue diseñada con un tipo permitido en un tipo que no está permitido. An authorization flaw was discovered in Kubernetes; the API server did not properly check user permissions when handling certain build-configuration strategi... • https://access.redhat.com/errata/RHSA-2016:0070 • CWE-264: Permissions, Privileges, and Access Controls CWE-285: Improper Authorization •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2015-7528 – OpenShift: pod log location must validate container if provided
https://notcve.org/view.php?id=CVE-2015-7528
03 Dec 2015 — Kubernetes before 1.2.0-alpha.5 allows remote attackers to read arbitrary pod logs via a container name. Kubernetes en versiones anteriores a 1.2.0-alpha.5 permite a atacantes remotos leer logs de pod arbitrarios a través de un nombre de contenedor. It was found that OpenShift's API back end did not verify requests for pod log locations, allowing a pod on a Node to request logs for any other pod on that Node. A remote attacker could use this flaw to view sensitive information via pod logs that they would no... • http://rhn.redhat.com/errata/RHSA-2015-2615.html • CWE-20: Improper Input Validation CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •