CVSS: 9.8EPSS: 34%CPEs: 14EXPL: 4CVE-2018-1002105 – Kubernetes - (Unauthenticated) Arbitrary Requests
https://notcve.org/view.php?id=CVE-2018-1002105
In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection. En todas las versiones de Kubernetes anteriores a la v1.10.11, v1.11.5 y la v1.12.3, el manejo incorrecto de las respuestas de error a las peticiones de actualización en el proxy en kube-apiserver permitían que las peticiones especialmente manipuladas estableciesen una conexión mediante el servidor de la API de Kubernetes a los servidores del backend y enviasen peticiones arbitrarias en la misma conexión directamente al backend, autenticadas con las credenciales TLS del servidor de la API de Kubernetes empleadas para establecer la conexión con el backend. A privilege escalation vulnerability exists in OpenShift Container Platform which allows for compromise of pods running co-located on a compute node. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in privileged containers. • https://www.exploit-db.com/exploits/46052 https://www.exploit-db.com/exploits/46053 https://github.com/sh-ubh/CVE-2018-1002105 http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00041.html http://www.openwall.com/lists/oss-security/2019/06/28/2 http://www.openwall.com/lists/oss-security/2019/07/06/3 http://www.openwall.com/lists/oss-security/2019/07/06/4 http://www.securityfocus.com/bid/106068 https://access.redhat.com/errata/RHSA-2018:3537 h • CWE-305: Authentication Bypass by Primary Weakness CWE-388: 7PK - Errors •
CVSS: 7.7EPSS: 0%CPEs: 5EXPL: 0CVE-2018-14632 – atomic-openshift: oc patch with json causes masterapi service crash
https://notcve.org/view.php?id=CVE-2018-14632
An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform before 3.7. An attacker can use this flaw to cause a denial of service attack on the Openshift master api service which provides cluster management. Puede ocurrir una escritura fuera de límites al parchear un objeto Openshift mediante la funcionalidad "oc patch" en OpenShift Container Platform, en versiones anteriores a la 3.7. Un atacante puede emplear este error para provocar un ataque de denegación de servicio (DoS) en el servicio de la API maestra de Openshift que gestiona los clústeres. An out of bounds write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform 3.x. • https://access.redhat.com/errata/RHBA-2018:2652 https://access.redhat.com/errata/RHSA-2018:2654 https://access.redhat.com/errata/RHSA-2018:2709 https://access.redhat.com/errata/RHSA-2018:2906 https://access.redhat.com/errata/RHSA-2018:2908 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14632 https://github.com/evanphx/json-patch/commit/4c9aadca8f89e349c999f04e28199e96e81aba03#diff-65c563bba473be9d94ce4d033f74810e https://access.redhat.com/security/cve/CVE-2018-14632 https://bugzilla.redhat. • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1070 – Routing: Malicous Service configuration can bring down routing for an entire shard.
https://notcve.org/view.php?id=CVE-2018-1070
routing before version 3.10 is vulnerable to an improper input validation of the Openshift Routing configuration which can cause an entire shard to be brought down. A malicious user can use this vulnerability to cause a Denial of Service attack for other users of the router shard. routing en versiones anteriores a la 3.10 es vulnerable a una validación de entradas incorrecta de la configuración de Openshift Routing que puede permitir que una partición entera se caiga. Un usuario malicioso puede emplear esta vulnerabilidad para provocar un ataque de denegación de servicio (DoS) para otros usuarios de la partición del router. Improper input validation of the Openshift Routing configuration can cause an entire shard to be brought down. A malicious user can use this vulnerability to cause a Denial of Service attack for other users of the router shard. • https://access.redhat.com/errata/RHSA-2018:2013 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-1070 https://access.redhat.com/security/cve/CVE-2018-1070 https://bugzilla.redhat.com/show_bug.cgi?id=1553035 • CWE-20: Improper Input Validation •