Page 7 of 49 results (0.011 seconds)

CVSS: 6.5EPSS: 0%CPEs: 9EXPL: 0

The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12. • https://access.redhat.com/errata/RHBA-2019:2794 https://access.redhat.com/errata/RHBA-2019:2816 https://access.redhat.com/errata/RHBA-2019:2824 https://access.redhat.com/errata/RHSA-2019:3239 https://access.redhat.com/errata/RHSA-2019:3811 https://github.com/kubernetes/kubernetes/issues/80984 https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ https://security.netapp.com/advisory/ntap-20190919-0003 https://access.redhat.com/security/cve/CVE-2019-11249& • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-61: UNIX Symbolic Link (Symlink) Following •

CVSS: 8.2EPSS: 62%CPEs: 50EXPL: 0

The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for limited denial of service. Versions prior to 1.15.0, 1.14.4, 1.13.8, and 1.12.10 are affected. The issue is of medium severity, but not exposed by the default configuration. • https://github.com/kubernetes/kubernetes/issues/81023 https://groups.google.com/d/msg/kubernetes-security-announce/pKELclHIov8/BEDtRELACQAJ https://security.netapp.com/advisory/ntap-20190919-0003 • CWE-419: Unprotected Primary Channel CWE-862: Missing Authorization •

CVSS: 8.1EPSS: 0%CPEs: 8EXPL: 0

The Kubernetes kube-apiserver mistakenly allows access to a cluster-scoped custom resource if the request is made as if the resource were namespaced. Authorizations for the resource accessed in this manner are enforced using roles and role bindings within the namespace, meaning that a user with access only to a resource in one namespace could create, view update or delete the cluster-scoped resource (according to their namespace role privileges). Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.7, 1.8, 1.9, 1.10, 1.11, 1.12. El kube-apiserver de Kubernetes permite por error el acceso a un recurso personalizado de ámbito de clúster si la solicitud se realiza como si el recurso estuviera con espacio de nombres. Las autorizaciones para el recurso al que se tiene acceso de esta manera se aplican mediante roles y enlaces de roles dentro del espacio de nombres, lo que significa que un usuario con acceso solo a un recurso en un espacio de nombres podría crear, ver actualizar o eliminar el recurso de ámbito de clúster (según sus privilegios de rol de espacio de nombres). • https://access.redhat.com/errata/RHBA-2019:2816 https://access.redhat.com/errata/RHBA-2019:2824 https://access.redhat.com/errata/RHSA-2019:2690 https://access.redhat.com/errata/RHSA-2019:2769 https://github.com/kubernetes/kubernetes/issues/80983 https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ https://security.netapp.com/advisory/ntap-20190919-0003 https://access.redhat.com/security/cve/CVE-2019-11247 https://bugzilla.redhat.com/show_bug.cgi?id=1 • CWE-20: Improper Input Validation CWE-284: Improper Access Control CWE-863: Incorrect Authorization •

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0

The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.12.9, versions prior to 1.13.6, versions prior to 1.14.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11. • https://github.com/kubernetes/kubernetes/pull/76788 https://groups.google.com/forum/#%21topic/kubernetes-security-announce/NLs2TGbfPdo https://security.netapp.com/advisory/ntap-20190919-0003 https://access.redhat.com/security/cve/CVE-2019-11246 https://bugzilla.redhat.com/show_bug.cgi?id=1721704 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-61: UNIX Symbolic Link (Symlink) Following •

CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0

In Kubernetes v1.12.0-v1.12.4 and v1.13.0, the rest.AnonymousClientConfig() method returns a copy of the provided config, with credentials removed (bearer token, username/password, and client certificate/key data). In the affected versions, rest.AnonymousClientConfig() did not effectively clear service account credentials loaded using rest.InClusterConfig() En Kubernetes versión 1.12.0 hasta versión 1.12.4 y versión 1.13.0, el método rest.AnonymousClientConfig() retorna una copia de la configuración provista, con las credenciales removidas (token de portador, nombre de usuario/contraseña y certificado/clave del cliente). En las versiones afectadas, la función rest.AnonymousClientConfig() no limpió efectivamente las credenciales de cuenta de servicio cargadas usando la función rest.InClusterConfig(). • http://www.securityfocus.com/bid/108053 https://github.com/kubernetes/kubernetes/issues/76797 https://security.netapp.com/advisory/ntap-20190509-0002 • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer CWE-271: Privilege Dropping / Lowering Errors •