Search...

CVE-2019-11249

2019-08-29T01:15:00

ID CVE-2019-11249
Type cve
Reporter cve@mitre.org
Modified 2020-02-10T21:49:00

Description

The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.

JSON Vulners Source

Initial Source

{"id": "CVE-2019-11249", "bulletinFamily": "NVD", "title": "CVE-2019-11249", "description": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user\u2019s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user\u2019s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.", "published": "2019-08-29T01:15:00", "modified": "2020-02-10T21:49:00", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11249", "reporter": "cve@mitre.org", "references": ["https://access.redhat.com/errata/RHBA-2019:2794", "https://github.com/kubernetes/kubernetes/issues/80984", "https://access.redhat.com/errata/RHSA-2019:3811", "https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ", "https://access.redhat.com/errata/RHBA-2019:2824", "https://security.netapp.com/advisory/ntap-20190919-0003/", "https://access.redhat.com/errata/RHSA-2019:3239", "https://access.redhat.com/errata/RHBA-2019:2816"], "cvelist": ["CVE-2019-11249"], "type": "cve", "lastseen": "2020-04-04T00:15:48", "history": [{"bulletin": {"affectedSoftware": [{"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.16"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.16"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.15.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.14"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.14"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.14"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1-1.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.15"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.15"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.15.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.17"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.7"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:kubernetes:kubernetes:1.10.1", "cpe:/a:kubernetes:kubernetes:1.1.7", "cpe:/a:kubernetes:kubernetes:1.14.1", "cpe:/a:kubernetes:kubernetes:1.2.7", "cpe:/a:kubernetes:kubernetes:1.10.9", "cpe:/a:kubernetes:kubernetes:1.11.5", "cpe:/a:kubernetes:kubernetes:1.8.15", "cpe:/a:kubernetes:kubernetes:1.8.5", "cpe:/a:kubernetes:kubernetes:1.1.2", "cpe:/a:kubernetes:kubernetes:1.2.5", "cpe:/a:kubernetes:kubernetes:1.2.1", "cpe:/a:kubernetes:kubernetes:1.6.6", "cpe:/a:kubernetes:kubernetes:1.3.3", "cpe:/a:kubernetes:kubernetes:1.8.7", "cpe:/a:kubernetes:kubernetes:1.4.0", "cpe:/a:kubernetes:kubernetes:1.7.0", "cpe:/a:kubernetes:kubernetes:1.6.10", "cpe:/a:kubernetes:kubernetes:1.0.4", "cpe:/a:kubernetes:kubernetes:1.6.7", "cpe:/a:kubernetes:kubernetes:1.2.2", "cpe:/a:kubernetes:kubernetes:1.8.4", "cpe:/a:kubernetes:kubernetes:1.8.13", "cpe:/a:kubernetes:kubernetes:1.10.6", "cpe:/a:kubernetes:kubernetes:1.6.4", "cpe:/a:kubernetes:kubernetes:1.7.10", "cpe:/a:kubernetes:kubernetes:1.1.4", "cpe:/a:kubernetes:kubernetes:1.6.12", "cpe:/a:kubernetes:kubernetes:1.2.8", "cpe:/a:kubernetes:kubernetes:1.13.2", "cpe:/a:kubernetes:kubernetes:1.6.1", "cpe:/a:kubernetes:kubernetes:1.4.2", "cpe:/a:kubernetes:kubernetes:1.3.2", "cpe:/a:kubernetes:kubernetes:1.3.0", "cpe:/a:kubernetes:kubernetes:1.11.0", "cpe:/a:kubernetes:kubernetes:1.10.3", "cpe:/a:kubernetes:kubernetes:1.11.9", "cpe:/a:kubernetes:kubernetes:1.7.15", "cpe:/a:kubernetes:kubernetes:1.12.5", "cpe:/a:kubernetes:kubernetes:1.10.2", "cpe:/a:kubernetes:kubernetes:1.6.13", "cpe:/a:kubernetes:kubernetes:1.2.0", "cpe:/a:kubernetes:kubernetes:1.7.4", "cpe:/a:kubernetes:kubernetes:1.8.11", "cpe:/a:kubernetes:kubernetes:1.1.3", "cpe:/a:kubernetes:kubernetes:1.10.12", "cpe:/a:kubernetes:kubernetes:1.7.1", "cpe:/a:kubernetes:kubernetes:1.13.1", "cpe:/a:kubernetes:kubernetes:1.7.14", "cpe:/a:kubernetes:kubernetes:1.5.0", "cpe:/a:kubernetes:kubernetes:1.9.0", "cpe:/a:kubernetes:kubernetes:1.12.3", "cpe:/a:kubernetes:kubernetes:1.13.5", "cpe:/a:kubernetes:kubernetes:1.10.10", "cpe:/a:kubernetes:kubernetes:1.9.10", "cpe:/a:kubernetes:kubernetes:1.13.6", "cpe:/a:kubernetes:kubernetes:1.10.7", "cpe:/a:kubernetes:kubernetes:1.6.14", "cpe:/a:kubernetes:kubernetes:1.7.12", "cpe:/a:kubernetes:kubernetes:1.7.6", "cpe:/a:kubernetes:kubernetes:1.10.11", "cpe:/a:kubernetes:kubernetes:1.1.0", "cpe:/a:kubernetes:kubernetes:1.8.6", "cpe:/a:kubernetes:kubernetes:1.8.9", "cpe:/a:kubernetes:kubernetes:1.6.8", "cpe:/a:kubernetes:kubernetes:1.7.11", "cpe:/a:kubernetes:kubernetes:1.3.5", "cpe:/a:kubernetes:kubernetes:1.7.16", "cpe:/a:kubernetes:kubernetes:1.4.5", "cpe:/a:kubernetes:kubernetes:1.3.4", "cpe:/a:kubernetes:kubernetes:1.5.2", "cpe:/a:kubernetes:kubernetes:1.13.0", "cpe:/a:kubernetes:kubernetes:1.6.0", "cpe:/a:kubernetes:kubernetes:1.12.11", "cpe:/a:kubernetes:kubernetes:1.10.8", "cpe:/a:kubernetes:kubernetes:1.6.2", "cpe:/a:kubernetes:kubernetes:1.14.3", "cpe:/a:kubernetes:kubernetes:1.11.6", "cpe:/a:kubernetes:kubernetes:1.3.9", "cpe:/a:kubernetes:kubernetes:1.3.11", "cpe:/a:kubernetes:kubernetes:1.12.10", "cpe:/a:kubernetes:kubernetes:1.3.8", "cpe:/a:kubernetes:kubernetes:1.9.9", "cpe:/a:kubernetes:kubernetes:1.1.8", "cpe:/a:kubernetes:kubernetes:1.4.8", "cpe:/a:kubernetes:kubernetes:1.8.3", "cpe:/a:kubernetes:kubernetes:1.5.8", "cpe:/a:kubernetes:kubernetes:1.1.1", "cpe:/a:kubernetes:kubernetes:1.9.1", "cpe:/a:kubernetes:kubernetes:1.14.4", "cpe:/a:kubernetes:kubernetes:1.8.1", "cpe:/a:kubernetes:kubernetes:1.0.2", "cpe:/a:kubernetes:kubernetes:1.12.6", "cpe:/a:kubernetes:kubernetes:1.4.3", "cpe:/a:kubernetes:kubernetes:1.2.4", "cpe:/a:kubernetes:kubernetes:1.7.9", "cpe:/a:kubernetes:kubernetes:1.0.3", "cpe:/a:kubernetes:kubernetes:1.5.1", "cpe:/a:kubernetes:kubernetes:1.5.9", "cpe:/a:kubernetes:kubernetes:1.3.6", "cpe:/a:kubernetes:kubernetes:1.8.10", "cpe:/a:kubernetes:kubernetes:1.1.5", "cpe:/a:kubernetes:kubernetes:1.1.6", "cpe:/a:kubernetes:kubernetes:1.15.1", "cpe:/a:kubernetes:kubernetes:1.5.5", "cpe:/a:kubernetes:kubernetes:1.14.0", "cpe:/a:kubernetes:kubernetes:1.0.6", "cpe:/a:kubernetes:kubernetes:1.5.6", "cpe:/a:kubernetes:kubernetes:1.12.4", "cpe:/a:kubernetes:kubernetes:1.1.9", "cpe:/a:kubernetes:kubernetes:1.13.8", "cpe:/a:kubernetes:kubernetes:1.7.8", "cpe:/a:kubernetes:kubernetes:1.3.10", "cpe:/a:kubernetes:kubernetes:1.2.3", "cpe:/a:kubernetes:kubernetes:1.6.3", "cpe:/a:kubernetes:kubernetes:1.0.0", "cpe:/a:kubernetes:kubernetes:1.10.4", "cpe:/a:kubernetes:kubernetes:1.11.8", "cpe:/a:kubernetes:kubernetes:1.6.11", "cpe:/a:kubernetes:kubernetes:1.7.3", "cpe:/a:kubernetes:kubernetes:1.4.4", "cpe:/a:kubernetes:kubernetes:1.1-1.12", "cpe:/a:kubernetes:kubernetes:1.7.13", "cpe:/a:kubernetes:kubernetes:1.9.7", "cpe:/a:kubernetes:kubernetes:1.9.11", "cpe:/a:kubernetes:kubernetes:1.12.0", "cpe:/a:kubernetes:kubernetes:1.9.3", "cpe:/a:kubernetes:kubernetes:1.10.13", "cpe:/a:kubernetes:kubernetes:1.4.11", "cpe:/a:kubernetes:kubernetes:1.9.6", "cpe:/a:kubernetes:kubernetes:1.11.3", "cpe:/a:kubernetes:kubernetes:1.3.1", "cpe:/a:kubernetes:kubernetes:1.7.7", "cpe:/a:kubernetes:kubernetes:1.6.9", "cpe:/a:kubernetes:kubernetes:1.11.2", "cpe:/a:kubernetes:kubernetes:1.0.7", "cpe:/a:kubernetes:kubernetes:1.10.0", "cpe:/a:kubernetes:kubernetes:1.4.9", "cpe:/a:kubernetes:kubernetes:1.4.12", "cpe:/a:kubernetes:kubernetes:1.8.2", "cpe:/a:kubernetes:kubernetes:1.15.0", "cpe:/a:kubernetes:kubernetes:1.0.5", "cpe:/a:kubernetes:kubernetes:1.9.12", "cpe:/a:kubernetes:kubernetes:1.11.1", "cpe:/a:kubernetes:kubernetes:1.4.6", "cpe:/a:kubernetes:kubernetes:1.9.4", "cpe:/a:kubernetes:kubernetes:1.7.5", "cpe:/a:kubernetes:kubernetes:1.14.2", "cpe:/a:kubernetes:kubernetes:1.11.4", "cpe:/a:kubernetes:kubernetes:1.11.7", "cpe:/a:kubernetes:kubernetes:1.5.7", "cpe:/a:kubernetes:kubernetes:1.9.8", "cpe:/a:kubernetes:kubernetes:1.8.12", "cpe:/a:kubernetes:kubernetes:1.6.5", "cpe:/a:kubernetes:kubernetes:1.3.7", "cpe:/a:kubernetes:kubernetes:1.8.14", "cpe:/a:kubernetes:kubernetes:1.13.4", "cpe:/a:kubernetes:kubernetes:1.4.7", "cpe:/a:kubernetes:kubernetes:1.7.2", "cpe:/a:kubernetes:kubernetes:1.8.0", "cpe:/a:kubernetes:kubernetes:1.2.6", "cpe:/a:kubernetes:kubernetes:1.9.2", "cpe:/a:kubernetes:kubernetes:1.5.3", "cpe:/a:kubernetes:kubernetes:1.8.16", "cpe:/a:kubernetes:kubernetes:1.0.8", "cpe:/a:kubernetes:kubernetes:1.5.4", "cpe:/a:kubernetes:kubernetes:1.12.2", "cpe:/a:kubernetes:kubernetes:1.13.7", "cpe:/a:kubernetes:kubernetes:1.10.5", "cpe:/a:kubernetes:kubernetes:1.0.1", "cpe:/a:kubernetes:kubernetes:1.13.3", "cpe:/a:kubernetes:kubernetes:1.9.5", "cpe:/a:kubernetes:kubernetes:1.12.1", "cpe:/a:kubernetes:kubernetes:1.7.17", "cpe:/a:kubernetes:kubernetes:1.4.1", "cpe:/a:kubernetes:kubernetes:1.8.8"], "cpe23": ["cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0:*:*:*:*:*:*"], "cvelist": ["CVE-2019-11249"], "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6}, "cwe": ["CWE-264"], "description": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user\u2019s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user\u2019s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.", "edition": 12, "enchantments": {"dependencies": {"modified": "2020-02-25T18:39:58", "references": [{"idList": ["ELSA-2019-4816"], "type": "oraclelinux"}, {"idList": ["OPENVAS:1361412562310876720"], "type": "openvas"}, {"idList": ["RHSA-2019:3811", "RHSA-2019:3239"], "type": "redhat"}, {"idList": ["PHOTONOS_PHSA-2019-2_0-0177_KUBERNETES.NASL", "FEDORA_2019-2B8EF08C95.NASL", "REDHAT-RHSA-2019-3239.NASL", "PHOTONOS_PHSA-2019-1_0-0252_KUBERNETES.NASL", "PHOTONOS_PHSA-2019-1_0-0255_KUBERNETES.NASL", "REDHAT-RHSA-2019-3811.NASL", "PHOTONOS_PHSA-2019-3_0-0031_KUBERNETES.NASL"], "type": "nessus"}]}, "score": {"modified": "2020-02-25T18:39:58", "value": 4.3, "vector": "NONE"}}, "hash": "45669202e1be4b259a416d25daf62829fbba382fef1b9ee4452189fb4e9a9348", "hashmap": [{"hash": "4b34533e3dc61976dd1b621daf6ca54f", "key": "title"}, {"hash": "c85257eb8af5fff2055fa694a27bd80d", "key": "modified"}, {"hash": "3f9ace462ab2804fb8701c436555d1f3", "key": "cpe23"}, {"hash": "8854bb61adefa7acf1d05e43f25462c2", "key": "cvss2"}, {"hash": "1f289b339fc9f286bb94133e724d933e", "key": "description"}, {"hash": "fa12e087f68642fcaefafba0d4583885", "key": "cwe"}, {"hash": "f54542391bd069f40f1720811709fd9b", "key": "published"}, {"hash": "6b87b528f556dfeaf7e566a0b621e8a1", "key": "references"}, {"hash": "ef8e475aa73fbf8c48c1cd95a4d0b788", "key": "cpe"}, {"hash": "681444024a4e29ecaf57054a388c8b3b", "key": "affectedSoftware"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "f108d74cee0654e60b003a8578995baa", "key": "href"}, {"hash": "9b6ac179f047e1e9df0fd9b54425b2cc", "key": "cvss3"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "aaa11a95d05b362dab0baec0f179c6ed", "key": "cvss"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "894c66865718fbc6c21b2703c540a197", "key": "cvelist"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11249", "id": "CVE-2019-11249", "lastseen": "2020-02-25T18:39:58", "modified": "2020-02-10T21:49:00", "objectVersion": "1.3", "published": "2019-08-29T01:15:00", "references": ["https://access.redhat.com/errata/RHBA-2019:2794", "https://github.com/kubernetes/kubernetes/issues/80984", "https://access.redhat.com/errata/RHSA-2019:3811", "https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ", "https://access.redhat.com/errata/RHBA-2019:2824", "https://security.netapp.com/advisory/ntap-20190919-0003/", "https://access.redhat.com/errata/RHSA-2019:3239", "https://access.redhat.com/errata/RHBA-2019:2816"], "reporter": "cve@mitre.org", "title": "CVE-2019-11249", "type": "cve", "viewCount": 127}, "differentElements": ["cpe", "affectedSoftware"], "edition": 12, "lastseen": "2020-02-25T18:39:58"}, {"bulletin": {"affectedSoftware": [], "bulletinFamily": "NVD", "cpe": [], "cpe23": [], "cvelist": ["CVE-2019-11249"], "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "cwe": [], "description": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user?s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user?s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.", "edition": 2, "enchantments": {"dependencies": {"modified": "2019-08-31T10:47:46", "references": [{"idList": ["OPENVAS:1361412562310876720"], "type": "openvas"}]}, "score": {"modified": "2019-08-31T10:47:46", "value": 3.7, "vector": "NONE"}}, "hash": "6a8eff42e80702760e8512fb1e836fa62acd26f338ff96d342d71acce145d065", "hashmap": [{"hash": "4b34533e3dc61976dd1b621daf6ca54f", "key": "title"}, {"hash": "39da6d755ec2be5876c5d110084390a3", "key": "description"}, {"hash": "beb864399eb01e080ed00a12197ab9bf", "key": "references"}, {"hash": "f54542391bd069f40f1720811709fd9b", "key": "published"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cwe"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "affectedSoftware"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe23"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss3"}, {"hash": "14994cdfeeed8e0c6f99cd79382d3711", "key": "modified"}, {"hash": "8cd4821cb504d25572038ed182587d85", "key": "cvss"}, {"hash": "f108d74cee0654e60b003a8578995baa", "key": "href"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cvss2"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "cpe"}, {"hash": "894c66865718fbc6c21b2703c540a197", "key": "cvelist"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11249", "id": "CVE-2019-11249", "lastseen": "2019-08-31T10:47:46", "modified": "2019-08-29T12:35:00", "objectVersion": "1.3", "published": "2019-08-29T01:15:00", "references": ["https://github.com/kubernetes/kubernetes/issues/80984", "https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ"], "reporter": "cve@mitre.org", "title": "CVE-2019-11249", "type": "cve", "viewCount": 119}, "differentElements": ["cpe23", "cvss", "cvss3", "cvss2", "modified", "cpe", "cwe", "affectedSoftware"], "edition": 2, "lastseen": "2019-08-31T10:47:46"}, {"bulletin": {"affectedSoftware": [{"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.16"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.16"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.15.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.14"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.14"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.14"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.15"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.15"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.15.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.17"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.7"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:kubernetes:kubernetes:1.10.1", "cpe:/a:kubernetes:kubernetes:1.1.7", "cpe:/a:kubernetes:kubernetes:1.14.1", "cpe:/a:kubernetes:kubernetes:1.2.7", "cpe:/a:kubernetes:kubernetes:1.10.9", "cpe:/a:kubernetes:kubernetes:1.11.5", "cpe:/a:kubernetes:kubernetes:1.8.15", "cpe:/a:kubernetes:kubernetes:1.8.5", "cpe:/a:kubernetes:kubernetes:1.1.2", "cpe:/a:kubernetes:kubernetes:1.2.5", "cpe:/a:kubernetes:kubernetes:1.2.1", "cpe:/a:kubernetes:kubernetes:1.6.6", "cpe:/a:kubernetes:kubernetes:1.3.3", "cpe:/a:kubernetes:kubernetes:1.8.7", "cpe:/a:kubernetes:kubernetes:1.4.0", "cpe:/a:kubernetes:kubernetes:1.7.0", "cpe:/a:kubernetes:kubernetes:1.6.10", "cpe:/a:kubernetes:kubernetes:1.0.4", "cpe:/a:kubernetes:kubernetes:1.6.7", "cpe:/a:kubernetes:kubernetes:1.2.2", "cpe:/a:kubernetes:kubernetes:1.8.4", "cpe:/a:kubernetes:kubernetes:1.8.13", "cpe:/a:kubernetes:kubernetes:1.10.6", "cpe:/a:kubernetes:kubernetes:1.6.4", "cpe:/a:kubernetes:kubernetes:1.7.10", "cpe:/a:kubernetes:kubernetes:1.1.4", "cpe:/a:kubernetes:kubernetes:1.6.12", "cpe:/a:kubernetes:kubernetes:1.2.8", "cpe:/a:kubernetes:kubernetes:1.13.2", "cpe:/a:kubernetes:kubernetes:1.6.1", "cpe:/a:kubernetes:kubernetes:1.4.2", "cpe:/a:kubernetes:kubernetes:1.3.2", "cpe:/a:kubernetes:kubernetes:1.3.0", "cpe:/a:kubernetes:kubernetes:1.11.0", "cpe:/a:kubernetes:kubernetes:1.10.3", "cpe:/a:kubernetes:kubernetes:1.11.9", "cpe:/a:kubernetes:kubernetes:1.7.15", "cpe:/a:kubernetes:kubernetes:1.12.5", "cpe:/a:kubernetes:kubernetes:1.10.2", "cpe:/a:kubernetes:kubernetes:1.6.13", "cpe:/a:kubernetes:kubernetes:1.2.0", "cpe:/a:kubernetes:kubernetes:1.7.4", "cpe:/a:kubernetes:kubernetes:1.8.11", "cpe:/a:kubernetes:kubernetes:1.1.3", "cpe:/a:kubernetes:kubernetes:1.10.12", "cpe:/a:kubernetes:kubernetes:1.7.1", "cpe:/a:kubernetes:kubernetes:1.13.1", "cpe:/a:kubernetes:kubernetes:1.7.14", "cpe:/a:kubernetes:kubernetes:1.5.0", "cpe:/a:kubernetes:kubernetes:1.9.0", "cpe:/a:kubernetes:kubernetes:1.12.3", "cpe:/a:kubernetes:kubernetes:1.13.5", "cpe:/a:kubernetes:kubernetes:1.10.10", "cpe:/a:kubernetes:kubernetes:1.9.10", "cpe:/a:kubernetes:kubernetes:1.13.6", "cpe:/a:kubernetes:kubernetes:1.10.7", "cpe:/a:kubernetes:kubernetes:1.6.14", "cpe:/a:kubernetes:kubernetes:1.7.12", "cpe:/a:kubernetes:kubernetes:1.7.6", "cpe:/a:kubernetes:kubernetes:1.10.11", "cpe:/a:kubernetes:kubernetes:1.1.0", "cpe:/a:kubernetes:kubernetes:1.8.6", "cpe:/a:kubernetes:kubernetes:1.8.9", "cpe:/a:kubernetes:kubernetes:1.6.8", "cpe:/a:kubernetes:kubernetes:1.7.11", "cpe:/a:kubernetes:kubernetes:1.3.5", "cpe:/a:kubernetes:kubernetes:1.7.16", "cpe:/a:kubernetes:kubernetes:1.4.5", "cpe:/a:kubernetes:kubernetes:1.3.4", "cpe:/a:kubernetes:kubernetes:1.5.2", "cpe:/a:kubernetes:kubernetes:1.13.0", "cpe:/a:kubernetes:kubernetes:1.6.0", "cpe:/a:kubernetes:kubernetes:1.12.11", "cpe:/a:kubernetes:kubernetes:1.10.8", "cpe:/a:kubernetes:kubernetes:1.6.2", "cpe:/a:kubernetes:kubernetes:1.14.3", "cpe:/a:kubernetes:kubernetes:1.11.6", "cpe:/a:kubernetes:kubernetes:1.3.9", "cpe:/a:kubernetes:kubernetes:1.3.11", "cpe:/a:kubernetes:kubernetes:1.12.10", "cpe:/a:kubernetes:kubernetes:1.3.8", "cpe:/a:kubernetes:kubernetes:1.9.9", "cpe:/a:kubernetes:kubernetes:1.1.8", "cpe:/a:kubernetes:kubernetes:1.4.8", "cpe:/a:kubernetes:kubernetes:1.8.3", "cpe:/a:kubernetes:kubernetes:1.5.8", "cpe:/a:kubernetes:kubernetes:1.1.1", "cpe:/a:kubernetes:kubernetes:1.9.1", "cpe:/a:kubernetes:kubernetes:1.14.4", "cpe:/a:kubernetes:kubernetes:1.8.1", "cpe:/a:kubernetes:kubernetes:1.0.2", "cpe:/a:kubernetes:kubernetes:1.12.6", "cpe:/a:kubernetes:kubernetes:1.4.3", "cpe:/a:kubernetes:kubernetes:1.2.4", "cpe:/a:kubernetes:kubernetes:1.7.9", "cpe:/a:kubernetes:kubernetes:1.0.3", "cpe:/a:kubernetes:kubernetes:1.5.1", "cpe:/a:kubernetes:kubernetes:1.5.9", "cpe:/a:kubernetes:kubernetes:1.3.6", "cpe:/a:kubernetes:kubernetes:1.8.10", "cpe:/a:kubernetes:kubernetes:1.1.5", "cpe:/a:kubernetes:kubernetes:1.1.6", "cpe:/a:kubernetes:kubernetes:1.15.1", "cpe:/a:kubernetes:kubernetes:1.5.5", "cpe:/a:kubernetes:kubernetes:1.14.0", "cpe:/a:kubernetes:kubernetes:1.0.6", "cpe:/a:kubernetes:kubernetes:1.5.6", "cpe:/a:kubernetes:kubernetes:1.12.4", "cpe:/a:kubernetes:kubernetes:1.1.9", "cpe:/a:kubernetes:kubernetes:1.13.8", "cpe:/a:kubernetes:kubernetes:1.7.8", "cpe:/a:kubernetes:kubernetes:1.3.10", "cpe:/a:kubernetes:kubernetes:1.2.3", "cpe:/a:kubernetes:kubernetes:1.6.3", "cpe:/a:kubernetes:kubernetes:1.0.0", "cpe:/a:kubernetes:kubernetes:1.10.4", "cpe:/a:kubernetes:kubernetes:1.11.8", "cpe:/a:kubernetes:kubernetes:1.6.11", "cpe:/a:kubernetes:kubernetes:1.7.3", "cpe:/a:kubernetes:kubernetes:1.4.4", "cpe:/a:kubernetes:kubernetes:1.7.13", "cpe:/a:kubernetes:kubernetes:1.9.7", "cpe:/a:kubernetes:kubernetes:1.9.11", "cpe:/a:kubernetes:kubernetes:1.12.0", "cpe:/a:kubernetes:kubernetes:1.9.3", "cpe:/a:kubernetes:kubernetes:1.10.13", "cpe:/a:kubernetes:kubernetes:1.4.11", "cpe:/a:kubernetes:kubernetes:1.9.6", "cpe:/a:kubernetes:kubernetes:1.11.3", "cpe:/a:kubernetes:kubernetes:1.3.1", "cpe:/a:kubernetes:kubernetes:1.7.7", "cpe:/a:kubernetes:kubernetes:1.6.9", "cpe:/a:kubernetes:kubernetes:1.11.2", "cpe:/a:kubernetes:kubernetes:1.0.7", "cpe:/a:kubernetes:kubernetes:1.10.0", "cpe:/a:kubernetes:kubernetes:1.4.9", "cpe:/a:kubernetes:kubernetes:1.4.12", "cpe:/a:kubernetes:kubernetes:1.8.2", "cpe:/a:kubernetes:kubernetes:1.15.0", "cpe:/a:kubernetes:kubernetes:1.0.5", "cpe:/a:kubernetes:kubernetes:1.9.12", "cpe:/a:kubernetes:kubernetes:1.11.1", "cpe:/a:kubernetes:kubernetes:1.4.6", "cpe:/a:kubernetes:kubernetes:1.9.4", "cpe:/a:kubernetes:kubernetes:1.7.5", "cpe:/a:kubernetes:kubernetes:1.14.2", "cpe:/a:kubernetes:kubernetes:1.11.4", "cpe:/a:kubernetes:kubernetes:1.11.7", "cpe:/a:kubernetes:kubernetes:1.5.7", "cpe:/a:kubernetes:kubernetes:1.9.8", "cpe:/a:kubernetes:kubernetes:1.8.12", "cpe:/a:kubernetes:kubernetes:1.6.5", "cpe:/a:kubernetes:kubernetes:1.3.7", "cpe:/a:kubernetes:kubernetes:1.8.14", "cpe:/a:kubernetes:kubernetes:1.13.4", "cpe:/a:kubernetes:kubernetes:1.4.7", "cpe:/a:kubernetes:kubernetes:1.7.2", "cpe:/a:kubernetes:kubernetes:1.8.0", "cpe:/a:kubernetes:kubernetes:1.2.6", "cpe:/a:kubernetes:kubernetes:1.9.2", "cpe:/a:kubernetes:kubernetes:1.5.3", "cpe:/a:kubernetes:kubernetes:1.8.16", "cpe:/a:kubernetes:kubernetes:1.0.8", "cpe:/a:kubernetes:kubernetes:1.5.4", "cpe:/a:kubernetes:kubernetes:1.12.2", "cpe:/a:kubernetes:kubernetes:1.13.7", "cpe:/a:kubernetes:kubernetes:1.10.5", "cpe:/a:kubernetes:kubernetes:1.0.1", "cpe:/a:kubernetes:kubernetes:1.13.3", "cpe:/a:kubernetes:kubernetes:1.9.5", "cpe:/a:kubernetes:kubernetes:1.12.1", "cpe:/a:kubernetes:kubernetes:1.7.17", "cpe:/a:kubernetes:kubernetes:1.4.1", "cpe:/a:kubernetes:kubernetes:1.8.8"], "cpe23": ["cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0:*:*:*:*:*:*"], "cvelist": ["CVE-2019-11249"], "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6}, "cwe": ["CWE-264"], "description": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user?s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user?s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.", "edition": 8, "enchantments": {"dependencies": {"modified": "2019-10-11T11:46:17", "references": [{"idList": ["ELSA-2019-4816"], "type": "oraclelinux"}, {"idList": ["PHOTONOS_PHSA-2019-2_0-0177_KUBERNETES.NASL", "FEDORA_2019-2B8EF08C95.NASL", "PHOTONOS_PHSA-2019-1_0-0252_KUBERNETES.NASL", "PHOTONOS_PHSA-2019-1_0-0255_KUBERNETES.NASL", "PHOTONOS_PHSA-2019-3_0-0031_KUBERNETES.NASL"], "type": "nessus"}, {"idList": ["OPENVAS:1361412562310876720"], "type": "openvas"}]}, "score": {"modified": "2019-10-11T11:46:17", "value": 4.2, "vector": "NONE"}}, "hash": "875cd1fa9fb0c1da8dab03b55147c56ce0e535cdb817edcc36626e1261f66d5c", "hashmap": [{"hash": "4b34533e3dc61976dd1b621daf6ca54f", "key": "title"}, {"hash": "557fc86a37492d711494f699a191288d", "key": "affectedSoftware"}, {"hash": "39da6d755ec2be5876c5d110084390a3", "key": "description"}, {"hash": "3f9ace462ab2804fb8701c436555d1f3", "key": "cpe23"}, {"hash": "1dab6cf59fbbc92d52cc44ec78726567", "key": "cpe"}, {"hash": "8854bb61adefa7acf1d05e43f25462c2", "key": "cvss2"}, {"hash": "b04ab6d67e4104bd85a5d4d007371367", "key": "modified"}, {"hash": "fa12e087f68642fcaefafba0d4583885", "key": "cwe"}, {"hash": "f54542391bd069f40f1720811709fd9b", "key": "published"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "061e1e3d41b71e9e572d8791d906ca5b", "key": "references"}, {"hash": "f108d74cee0654e60b003a8578995baa", "key": "href"}, {"hash": "9b6ac179f047e1e9df0fd9b54425b2cc", "key": "cvss3"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "aaa11a95d05b362dab0baec0f179c6ed", "key": "cvss"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "894c66865718fbc6c21b2703c540a197", "key": "cvelist"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11249", "id": "CVE-2019-11249", "lastseen": "2019-10-11T11:46:17", "modified": "2019-10-11T04:15:00", "objectVersion": "1.3", "published": "2019-08-29T01:15:00", "references": ["https://access.redhat.com/errata/RHBA-2019:2794", "https://github.com/kubernetes/kubernetes/issues/80984", "https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ", "https://access.redhat.com/errata/RHBA-2019:2824", "https://security.netapp.com/advisory/ntap-20190919-0003/", "https://access.redhat.com/errata/RHBA-2019:2816"], "reporter": "cve@mitre.org", "title": "CVE-2019-11249", "type": "cve", "viewCount": 122}, "differentElements": ["references", "modified"], "edition": 8, "lastseen": "2019-10-11T11:46:17"}, {"bulletin": {"affectedSoftware": [{"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.16"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.16"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.15.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.14"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.14"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.14"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.15"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.15"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.15.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.17"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.7"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:kubernetes:kubernetes:1.10.1", "cpe:/a:kubernetes:kubernetes:1.1.7", "cpe:/a:kubernetes:kubernetes:1.14.1", "cpe:/a:kubernetes:kubernetes:1.2.7", "cpe:/a:kubernetes:kubernetes:1.10.9", "cpe:/a:kubernetes:kubernetes:1.11.5", "cpe:/a:kubernetes:kubernetes:1.8.15", "cpe:/a:kubernetes:kubernetes:1.8.5", "cpe:/a:kubernetes:kubernetes:1.1.2", "cpe:/a:kubernetes:kubernetes:1.2.5", "cpe:/a:kubernetes:kubernetes:1.2.1", "cpe:/a:kubernetes:kubernetes:1.6.6", "cpe:/a:kubernetes:kubernetes:1.3.3", "cpe:/a:kubernetes:kubernetes:1.8.7", "cpe:/a:kubernetes:kubernetes:1.4.0", "cpe:/a:kubernetes:kubernetes:1.7.0", "cpe:/a:kubernetes:kubernetes:1.6.10", "cpe:/a:kubernetes:kubernetes:1.0.4", "cpe:/a:kubernetes:kubernetes:1.6.7", "cpe:/a:kubernetes:kubernetes:1.2.2", "cpe:/a:kubernetes:kubernetes:1.8.4", "cpe:/a:kubernetes:kubernetes:1.8.13", "cpe:/a:kubernetes:kubernetes:1.10.6", "cpe:/a:kubernetes:kubernetes:1.6.4", "cpe:/a:kubernetes:kubernetes:1.7.10", "cpe:/a:kubernetes:kubernetes:1.1.4", "cpe:/a:kubernetes:kubernetes:1.6.12", "cpe:/a:kubernetes:kubernetes:1.2.8", "cpe:/a:kubernetes:kubernetes:1.13.2", "cpe:/a:kubernetes:kubernetes:1.6.1", "cpe:/a:kubernetes:kubernetes:1.4.2", "cpe:/a:kubernetes:kubernetes:1.3.2", "cpe:/a:kubernetes:kubernetes:1.3.0", "cpe:/a:kubernetes:kubernetes:1.11.0", "cpe:/a:kubernetes:kubernetes:1.10.3", "cpe:/a:kubernetes:kubernetes:1.11.9", "cpe:/a:kubernetes:kubernetes:1.7.15", "cpe:/a:kubernetes:kubernetes:1.12.5", "cpe:/a:kubernetes:kubernetes:1.10.2", "cpe:/a:kubernetes:kubernetes:1.6.13", "cpe:/a:kubernetes:kubernetes:1.2.0", "cpe:/a:kubernetes:kubernetes:1.7.4", "cpe:/a:kubernetes:kubernetes:1.8.11", "cpe:/a:kubernetes:kubernetes:1.1.3", "cpe:/a:kubernetes:kubernetes:1.10.12", "cpe:/a:kubernetes:kubernetes:1.7.1", "cpe:/a:kubernetes:kubernetes:1.13.1", "cpe:/a:kubernetes:kubernetes:1.7.14", "cpe:/a:kubernetes:kubernetes:1.5.0", "cpe:/a:kubernetes:kubernetes:1.9.0", "cpe:/a:kubernetes:kubernetes:1.12.3", "cpe:/a:kubernetes:kubernetes:1.13.5", "cpe:/a:kubernetes:kubernetes:1.10.10", "cpe:/a:kubernetes:kubernetes:1.9.10", "cpe:/a:kubernetes:kubernetes:1.13.6", "cpe:/a:kubernetes:kubernetes:1.10.7", "cpe:/a:kubernetes:kubernetes:1.6.14", "cpe:/a:kubernetes:kubernetes:1.7.12", "cpe:/a:kubernetes:kubernetes:1.7.6", "cpe:/a:kubernetes:kubernetes:1.10.11", "cpe:/a:kubernetes:kubernetes:1.1.0", "cpe:/a:kubernetes:kubernetes:1.8.6", "cpe:/a:kubernetes:kubernetes:1.8.9", "cpe:/a:kubernetes:kubernetes:1.6.8", "cpe:/a:kubernetes:kubernetes:1.7.11", "cpe:/a:kubernetes:kubernetes:1.3.5", "cpe:/a:kubernetes:kubernetes:1.7.16", "cpe:/a:kubernetes:kubernetes:1.4.5", "cpe:/a:kubernetes:kubernetes:1.3.4", "cpe:/a:kubernetes:kubernetes:1.5.2", "cpe:/a:kubernetes:kubernetes:1.13.0", "cpe:/a:kubernetes:kubernetes:1.6.0", "cpe:/a:kubernetes:kubernetes:1.12.11", "cpe:/a:kubernetes:kubernetes:1.10.8", "cpe:/a:kubernetes:kubernetes:1.6.2", "cpe:/a:kubernetes:kubernetes:1.14.3", "cpe:/a:kubernetes:kubernetes:1.11.6", "cpe:/a:kubernetes:kubernetes:1.3.9", "cpe:/a:kubernetes:kubernetes:1.3.11", "cpe:/a:kubernetes:kubernetes:1.12.10", "cpe:/a:kubernetes:kubernetes:1.3.8", "cpe:/a:kubernetes:kubernetes:1.9.9", "cpe:/a:kubernetes:kubernetes:1.1.8", "cpe:/a:kubernetes:kubernetes:1.4.8", "cpe:/a:kubernetes:kubernetes:1.8.3", "cpe:/a:kubernetes:kubernetes:1.5.8", "cpe:/a:kubernetes:kubernetes:1.1.1", "cpe:/a:kubernetes:kubernetes:1.9.1", "cpe:/a:kubernetes:kubernetes:1.14.4", "cpe:/a:kubernetes:kubernetes:1.8.1", "cpe:/a:kubernetes:kubernetes:1.0.2", "cpe:/a:kubernetes:kubernetes:1.12.6", "cpe:/a:kubernetes:kubernetes:1.4.3", "cpe:/a:kubernetes:kubernetes:1.2.4", "cpe:/a:kubernetes:kubernetes:1.7.9", "cpe:/a:kubernetes:kubernetes:1.0.3", "cpe:/a:kubernetes:kubernetes:1.5.1", "cpe:/a:kubernetes:kubernetes:1.5.9", "cpe:/a:kubernetes:kubernetes:1.3.6", "cpe:/a:kubernetes:kubernetes:1.8.10", "cpe:/a:kubernetes:kubernetes:1.1.5", "cpe:/a:kubernetes:kubernetes:1.1.6", "cpe:/a:kubernetes:kubernetes:1.15.1", "cpe:/a:kubernetes:kubernetes:1.5.5", "cpe:/a:kubernetes:kubernetes:1.14.0", "cpe:/a:kubernetes:kubernetes:1.0.6", "cpe:/a:kubernetes:kubernetes:1.5.6", "cpe:/a:kubernetes:kubernetes:1.12.4", "cpe:/a:kubernetes:kubernetes:1.1.9", "cpe:/a:kubernetes:kubernetes:1.13.8", "cpe:/a:kubernetes:kubernetes:1.7.8", "cpe:/a:kubernetes:kubernetes:1.3.10", "cpe:/a:kubernetes:kubernetes:1.2.3", "cpe:/a:kubernetes:kubernetes:1.6.3", "cpe:/a:kubernetes:kubernetes:1.0.0", "cpe:/a:kubernetes:kubernetes:1.10.4", "cpe:/a:kubernetes:kubernetes:1.11.8", "cpe:/a:kubernetes:kubernetes:1.6.11", "cpe:/a:kubernetes:kubernetes:1.7.3", "cpe:/a:kubernetes:kubernetes:1.4.4", "cpe:/a:kubernetes:kubernetes:1.7.13", "cpe:/a:kubernetes:kubernetes:1.9.7", "cpe:/a:kubernetes:kubernetes:1.9.11", "cpe:/a:kubernetes:kubernetes:1.12.0", "cpe:/a:kubernetes:kubernetes:1.9.3", "cpe:/a:kubernetes:kubernetes:1.10.13", "cpe:/a:kubernetes:kubernetes:1.4.11", "cpe:/a:kubernetes:kubernetes:1.9.6", "cpe:/a:kubernetes:kubernetes:1.11.3", "cpe:/a:kubernetes:kubernetes:1.3.1", "cpe:/a:kubernetes:kubernetes:1.7.7", "cpe:/a:kubernetes:kubernetes:1.6.9", "cpe:/a:kubernetes:kubernetes:1.11.2", "cpe:/a:kubernetes:kubernetes:1.0.7", "cpe:/a:kubernetes:kubernetes:1.10.0", "cpe:/a:kubernetes:kubernetes:1.4.9", "cpe:/a:kubernetes:kubernetes:1.4.12", "cpe:/a:kubernetes:kubernetes:1.8.2", "cpe:/a:kubernetes:kubernetes:1.15.0", "cpe:/a:kubernetes:kubernetes:1.0.5", "cpe:/a:kubernetes:kubernetes:1.9.12", "cpe:/a:kubernetes:kubernetes:1.11.1", "cpe:/a:kubernetes:kubernetes:1.4.6", "cpe:/a:kubernetes:kubernetes:1.9.4", "cpe:/a:kubernetes:kubernetes:1.7.5", "cpe:/a:kubernetes:kubernetes:1.14.2", "cpe:/a:kubernetes:kubernetes:1.11.4", "cpe:/a:kubernetes:kubernetes:1.11.7", "cpe:/a:kubernetes:kubernetes:1.5.7", "cpe:/a:kubernetes:kubernetes:1.9.8", "cpe:/a:kubernetes:kubernetes:1.8.12", "cpe:/a:kubernetes:kubernetes:1.6.5", "cpe:/a:kubernetes:kubernetes:1.3.7", "cpe:/a:kubernetes:kubernetes:1.8.14", "cpe:/a:kubernetes:kubernetes:1.13.4", "cpe:/a:kubernetes:kubernetes:1.4.7", "cpe:/a:kubernetes:kubernetes:1.7.2", "cpe:/a:kubernetes:kubernetes:1.8.0", "cpe:/a:kubernetes:kubernetes:1.2.6", "cpe:/a:kubernetes:kubernetes:1.9.2", "cpe:/a:kubernetes:kubernetes:1.5.3", "cpe:/a:kubernetes:kubernetes:1.8.16", "cpe:/a:kubernetes:kubernetes:1.0.8", "cpe:/a:kubernetes:kubernetes:1.5.4", "cpe:/a:kubernetes:kubernetes:1.12.2", "cpe:/a:kubernetes:kubernetes:1.13.7", "cpe:/a:kubernetes:kubernetes:1.10.5", "cpe:/a:kubernetes:kubernetes:1.0.1", "cpe:/a:kubernetes:kubernetes:1.13.3", "cpe:/a:kubernetes:kubernetes:1.9.5", "cpe:/a:kubernetes:kubernetes:1.12.1", "cpe:/a:kubernetes:kubernetes:1.7.17", "cpe:/a:kubernetes:kubernetes:1.4.1", "cpe:/a:kubernetes:kubernetes:1.8.8"], "cpe23": ["cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0:*:*:*:*:*:*"], "cvelist": ["CVE-2019-11249"], "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6}, "cwe": ["CWE-264"], "description": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user?s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user?s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.", "edition": 5, "enchantments": {"dependencies": {"modified": "2019-09-20T10:55:10", "references": [{"idList": ["OPENVAS:1361412562310876720"], "type": "openvas"}]}, "score": {"modified": "2019-09-20T10:55:10", "value": 3.7, "vector": "NONE"}}, "hash": "14210dd29ca1b434f85410b16402d4647e8e500d70adb8dc7fc105cefd31a304", "hashmap": [{"hash": "4b34533e3dc61976dd1b621daf6ca54f", "key": "title"}, {"hash": "8e4763d9e49c83fe88bc703d05acd9fb", "key": "modified"}, {"hash": "557fc86a37492d711494f699a191288d", "key": "affectedSoftware"}, {"hash": "39da6d755ec2be5876c5d110084390a3", "key": "description"}, {"hash": "29e9cf3003157251396292764c48c14c", "key": "references"}, {"hash": "3f9ace462ab2804fb8701c436555d1f3", "key": "cpe23"}, {"hash": "1dab6cf59fbbc92d52cc44ec78726567", "key": "cpe"}, {"hash": "8854bb61adefa7acf1d05e43f25462c2", "key": "cvss2"}, {"hash": "fa12e087f68642fcaefafba0d4583885", "key": "cwe"}, {"hash": "f54542391bd069f40f1720811709fd9b", "key": "published"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "f108d74cee0654e60b003a8578995baa", "key": "href"}, {"hash": "9b6ac179f047e1e9df0fd9b54425b2cc", "key": "cvss3"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "aaa11a95d05b362dab0baec0f179c6ed", "key": "cvss"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "894c66865718fbc6c21b2703c540a197", "key": "cvelist"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11249", "id": "CVE-2019-11249", "lastseen": "2019-09-20T10:55:10", "modified": "2019-09-19T17:15:00", "objectVersion": "1.3", "published": "2019-08-29T01:15:00", "references": ["https://github.com/kubernetes/kubernetes/issues/80984", "https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ", "https://security.netapp.com/advisory/ntap-20190919-0003/"], "reporter": "cve@mitre.org", "title": "CVE-2019-11249", "type": "cve", "viewCount": 119}, "differentElements": ["references", "modified"], "edition": 5, "lastseen": "2019-09-20T10:55:10"}, {"bulletin": {"affectedSoftware": [{"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.16"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.16"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.15.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.14"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.14"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.14"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.15"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.15"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.15.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.17"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.7"}], "bulletinFamily": "NVD", "cpe": ["cpe:/a:kubernetes:kubernetes:1.10.1", "cpe:/a:kubernetes:kubernetes:1.1.7", "cpe:/a:kubernetes:kubernetes:1.14.1", "cpe:/a:kubernetes:kubernetes:1.2.7", "cpe:/a:kubernetes:kubernetes:1.10.9", "cpe:/a:kubernetes:kubernetes:1.11.5", "cpe:/a:kubernetes:kubernetes:1.8.15", "cpe:/a:kubernetes:kubernetes:1.8.5", "cpe:/a:kubernetes:kubernetes:1.1.2", "cpe:/a:kubernetes:kubernetes:1.2.5", "cpe:/a:kubernetes:kubernetes:1.2.1", "cpe:/a:kubernetes:kubernetes:1.6.6", "cpe:/a:kubernetes:kubernetes:1.3.3", "cpe:/a:kubernetes:kubernetes:1.8.7", "cpe:/a:kubernetes:kubernetes:1.4.0", "cpe:/a:kubernetes:kubernetes:1.7.0", "cpe:/a:kubernetes:kubernetes:1.6.10", "cpe:/a:kubernetes:kubernetes:1.0.4", "cpe:/a:kubernetes:kubernetes:1.6.7", "cpe:/a:kubernetes:kubernetes:1.2.2", "cpe:/a:kubernetes:kubernetes:1.8.4", "cpe:/a:kubernetes:kubernetes:1.8.13", "cpe:/a:kubernetes:kubernetes:1.10.6", "cpe:/a:kubernetes:kubernetes:1.6.4", "cpe:/a:kubernetes:kubernetes:1.7.10", "cpe:/a:kubernetes:kubernetes:1.1.4", "cpe:/a:kubernetes:kubernetes:1.6.12", "cpe:/a:kubernetes:kubernetes:1.2.8", "cpe:/a:kubernetes:kubernetes:1.13.2", "cpe:/a:kubernetes:kubernetes:1.6.1", "cpe:/a:kubernetes:kubernetes:1.4.2", "cpe:/a:kubernetes:kubernetes:1.3.2", "cpe:/a:kubernetes:kubernetes:1.3.0", "cpe:/a:kubernetes:kubernetes:1.11.0", "cpe:/a:kubernetes:kubernetes:1.10.3", "cpe:/a:kubernetes:kubernetes:1.11.9", "cpe:/a:kubernetes:kubernetes:1.7.15", "cpe:/a:kubernetes:kubernetes:1.12.5", "cpe:/a:kubernetes:kubernetes:1.10.2", "cpe:/a:kubernetes:kubernetes:1.6.13", "cpe:/a:kubernetes:kubernetes:1.2.0", "cpe:/a:kubernetes:kubernetes:1.7.4", "cpe:/a:kubernetes:kubernetes:1.8.11", "cpe:/a:kubernetes:kubernetes:1.1.3", "cpe:/a:kubernetes:kubernetes:1.10.12", "cpe:/a:kubernetes:kubernetes:1.7.1", "cpe:/a:kubernetes:kubernetes:1.13.1", "cpe:/a:kubernetes:kubernetes:1.7.14", "cpe:/a:kubernetes:kubernetes:1.5.0", "cpe:/a:kubernetes:kubernetes:1.9.0", "cpe:/a:kubernetes:kubernetes:1.12.3", "cpe:/a:kubernetes:kubernetes:1.13.5", "cpe:/a:kubernetes:kubernetes:1.10.10", "cpe:/a:kubernetes:kubernetes:1.9.10", "cpe:/a:kubernetes:kubernetes:1.13.6", "cpe:/a:kubernetes:kubernetes:1.10.7", "cpe:/a:kubernetes:kubernetes:1.6.14", "cpe:/a:kubernetes:kubernetes:1.7.12", "cpe:/a:kubernetes:kubernetes:1.7.6", "cpe:/a:kubernetes:kubernetes:1.10.11", "cpe:/a:kubernetes:kubernetes:1.1.0", "cpe:/a:kubernetes:kubernetes:1.8.6", "cpe:/a:kubernetes:kubernetes:1.8.9", "cpe:/a:kubernetes:kubernetes:1.6.8", "cpe:/a:kubernetes:kubernetes:1.7.11", "cpe:/a:kubernetes:kubernetes:1.3.5", "cpe:/a:kubernetes:kubernetes:1.7.16", "cpe:/a:kubernetes:kubernetes:1.4.5", "cpe:/a:kubernetes:kubernetes:1.3.4", "cpe:/a:kubernetes:kubernetes:1.5.2", "cpe:/a:kubernetes:kubernetes:1.13.0", "cpe:/a:kubernetes:kubernetes:1.6.0", "cpe:/a:kubernetes:kubernetes:1.12.11", "cpe:/a:kubernetes:kubernetes:1.10.8", "cpe:/a:kubernetes:kubernetes:1.6.2", "cpe:/a:kubernetes:kubernetes:1.14.3", "cpe:/a:kubernetes:kubernetes:1.11.6", "cpe:/a:kubernetes:kubernetes:1.3.9", "cpe:/a:kubernetes:kubernetes:1.3.11", "cpe:/a:kubernetes:kubernetes:1.12.10", "cpe:/a:kubernetes:kubernetes:1.3.8", "cpe:/a:kubernetes:kubernetes:1.9.9", "cpe:/a:kubernetes:kubernetes:1.1.8", "cpe:/a:kubernetes:kubernetes:1.4.8", "cpe:/a:kubernetes:kubernetes:1.8.3", "cpe:/a:kubernetes:kubernetes:1.5.8", "cpe:/a:kubernetes:kubernetes:1.1.1", "cpe:/a:kubernetes:kubernetes:1.9.1", "cpe:/a:kubernetes:kubernetes:1.14.4", "cpe:/a:kubernetes:kubernetes:1.8.1", "cpe:/a:kubernetes:kubernetes:1.0.2", "cpe:/a:kubernetes:kubernetes:1.12.6", "cpe:/a:kubernetes:kubernetes:1.4.3", "cpe:/a:kubernetes:kubernetes:1.2.4", "cpe:/a:kubernetes:kubernetes:1.7.9", "cpe:/a:kubernetes:kubernetes:1.0.3", "cpe:/a:kubernetes:kubernetes:1.5.1", "cpe:/a:kubernetes:kubernetes:1.5.9", "cpe:/a:kubernetes:kubernetes:1.3.6", "cpe:/a:kubernetes:kubernetes:1.8.10", "cpe:/a:kubernetes:kubernetes:1.1.5", "cpe:/a:kubernetes:kubernetes:1.1.6", "cpe:/a:kubernetes:kubernetes:1.15.1", "cpe:/a:kubernetes:kubernetes:1.5.5", "cpe:/a:kubernetes:kubernetes:1.14.0", "cpe:/a:kubernetes:kubernetes:1.0.6", "cpe:/a:kubernetes:kubernetes:1.5.6", "cpe:/a:kubernetes:kubernetes:1.12.4", "cpe:/a:kubernetes:kubernetes:1.1.9", "cpe:/a:kubernetes:kubernetes:1.13.8", "cpe:/a:kubernetes:kubernetes:1.7.8", "cpe:/a:kubernetes:kubernetes:1.3.10", "cpe:/a:kubernetes:kubernetes:1.2.3", "cpe:/a:kubernetes:kubernetes:1.6.3", "cpe:/a:kubernetes:kubernetes:1.0.0", "cpe:/a:kubernetes:kubernetes:1.10.4", "cpe:/a:kubernetes:kubernetes:1.11.8", "cpe:/a:kubernetes:kubernetes:1.6.11", "cpe:/a:kubernetes:kubernetes:1.7.3", "cpe:/a:kubernetes:kubernetes:1.4.4", "cpe:/a:kubernetes:kubernetes:1.7.13", "cpe:/a:kubernetes:kubernetes:1.9.7", "cpe:/a:kubernetes:kubernetes:1.9.11", "cpe:/a:kubernetes:kubernetes:1.12.0", "cpe:/a:kubernetes:kubernetes:1.9.3", "cpe:/a:kubernetes:kubernetes:1.10.13", "cpe:/a:kubernetes:kubernetes:1.4.11", "cpe:/a:kubernetes:kubernetes:1.9.6", "cpe:/a:kubernetes:kubernetes:1.11.3", "cpe:/a:kubernetes:kubernetes:1.3.1", "cpe:/a:kubernetes:kubernetes:1.7.7", "cpe:/a:kubernetes:kubernetes:1.6.9", "cpe:/a:kubernetes:kubernetes:1.11.2", "cpe:/a:kubernetes:kubernetes:1.0.7", "cpe:/a:kubernetes:kubernetes:1.10.0", "cpe:/a:kubernetes:kubernetes:1.4.9", "cpe:/a:kubernetes:kubernetes:1.4.12", "cpe:/a:kubernetes:kubernetes:1.8.2", "cpe:/a:kubernetes:kubernetes:1.15.0", "cpe:/a:kubernetes:kubernetes:1.0.5", "cpe:/a:kubernetes:kubernetes:1.9.12", "cpe:/a:kubernetes:kubernetes:1.11.1", "cpe:/a:kubernetes:kubernetes:1.4.6", "cpe:/a:kubernetes:kubernetes:1.9.4", "cpe:/a:kubernetes:kubernetes:1.7.5", "cpe:/a:kubernetes:kubernetes:1.14.2", "cpe:/a:kubernetes:kubernetes:1.11.4", "cpe:/a:kubernetes:kubernetes:1.11.7", "cpe:/a:kubernetes:kubernetes:1.5.7", "cpe:/a:kubernetes:kubernetes:1.9.8", "cpe:/a:kubernetes:kubernetes:1.8.12", "cpe:/a:kubernetes:kubernetes:1.6.5", "cpe:/a:kubernetes:kubernetes:1.3.7", "cpe:/a:kubernetes:kubernetes:1.8.14", "cpe:/a:kubernetes:kubernetes:1.13.4", "cpe:/a:kubernetes:kubernetes:1.4.7", "cpe:/a:kubernetes:kubernetes:1.7.2", "cpe:/a:kubernetes:kubernetes:1.8.0", "cpe:/a:kubernetes:kubernetes:1.2.6", "cpe:/a:kubernetes:kubernetes:1.9.2", "cpe:/a:kubernetes:kubernetes:1.5.3", "cpe:/a:kubernetes:kubernetes:1.8.16", "cpe:/a:kubernetes:kubernetes:1.0.8", "cpe:/a:kubernetes:kubernetes:1.5.4", "cpe:/a:kubernetes:kubernetes:1.12.2", "cpe:/a:kubernetes:kubernetes:1.13.7", "cpe:/a:kubernetes:kubernetes:1.10.5", "cpe:/a:kubernetes:kubernetes:1.0.1", "cpe:/a:kubernetes:kubernetes:1.13.3", "cpe:/a:kubernetes:kubernetes:1.9.5", "cpe:/a:kubernetes:kubernetes:1.12.1", "cpe:/a:kubernetes:kubernetes:1.7.17", "cpe:/a:kubernetes:kubernetes:1.4.1", "cpe:/a:kubernetes:kubernetes:1.8.8"], "cpe23": ["cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0:*:*:*:*:*:*"], "cvelist": ["CVE-2019-11249"], "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6}, "cwe": ["CWE-264"], "description": "The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user?s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user?s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.", "edition": 9, "enchantments": {"dependencies": {"modified": "2019-10-30T11:14:42", "references": [{"idList": ["ELSA-2019-4816"], "type": "oraclelinux"}, {"idList": ["OPENVAS:1361412562310876720"], "type": "openvas"}, {"idList": ["RHSA-2019:3811", "RHSA-2019:3239"], "type": "redhat"}, {"idList": ["PHOTONOS_PHSA-2019-2_0-0177_KUBERNETES.NASL", "FEDORA_2019-2B8EF08C95.NASL", "REDHAT-RHSA-2019-3239.NASL", "PHOTONOS_PHSA-2019-1_0-0252_KUBERNETES.NASL", "PHOTONOS_PHSA-2019-1_0-0255_KUBERNETES.NASL", "REDHAT-RHSA-2019-3811.NASL", "PHOTONOS_PHSA-2019-3_0-0031_KUBERNETES.NASL"], "type": "nessus"}]}, "score": {"modified": "2019-10-30T11:14:42", "value": 4.3, "vector": "NONE"}}, "hash": "618ce9f9cf0f358aa233651f5bc1815477f9ed053ffca706dd6ab88fdeb35d8d", "hashmap": [{"hash": "4b34533e3dc61976dd1b621daf6ca54f", "key": "title"}, {"hash": "557fc86a37492d711494f699a191288d", "key": "affectedSoftware"}, {"hash": "39da6d755ec2be5876c5d110084390a3", "key": "description"}, {"hash": "3f9ace462ab2804fb8701c436555d1f3", "key": "cpe23"}, {"hash": "1dab6cf59fbbc92d52cc44ec78726567", "key": "cpe"}, {"hash": "8854bb61adefa7acf1d05e43f25462c2", "key": "cvss2"}, {"hash": "fa12e087f68642fcaefafba0d4583885", "key": "cwe"}, {"hash": "f54542391bd069f40f1720811709fd9b", "key": "published"}, {"hash": "0788d08f0d2370e7cbea04ff49c3e858", "key": "references"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "f108d74cee0654e60b003a8578995baa", "key": "href"}, {"hash": "9b6ac179f047e1e9df0fd9b54425b2cc", "key": "cvss3"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "aaa11a95d05b362dab0baec0f179c6ed", "key": "cvss"}, {"hash": "7574eadbd22d26ed2b3f9ce89f41d5c5", "key": "modified"}, {"hash": "444c2b4dda4a55437faa8bef1a141e84", "key": "reporter"}, {"hash": "894c66865718fbc6c21b2703c540a197", "key": "cvelist"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-11249", "id": "CVE-2019-11249", "lastseen": "2019-10-30T11:14:42", "modified": "2019-10-29T21:15:00", "objectVersion": "1.3", "published": "2019-08-29T01:15:00", "references": ["https://access.redhat.com/errata/RHBA-2019:2794", "https://github.com/kubernetes/kubernetes/issues/80984", "https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ", "https://access.redhat.com/errata/RHBA-2019:2824", "https://security.netapp.com/advisory/ntap-20190919-0003/", "https://access.redhat.com/errata/RHSA-2019:3239", "https://access.redhat.com/errata/RHBA-2019:2816"], "reporter": "cve@mitre.org", "title": "CVE-2019-11249", "type": "cve", "viewCount": 122}, "differentElements": ["references", "modified"], "edition": 9, "lastseen": "2019-10-30T11:14:42"}], "edition": 13, "hashmap": [{"key": "affectedSoftware", "hash": "5a076d2a1e1a8fec639f2721624e39d7"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "0ce34275175e92fa476025d5f7873b59"}, {"key": "cpe23", "hash": "3f9ace462ab2804fb8701c436555d1f3"}, {"key": "cvelist", "hash": "894c66865718fbc6c21b2703c540a197"}, {"key": "cvss", "hash": "aaa11a95d05b362dab0baec0f179c6ed"}, {"key": "cvss2", "hash": "8854bb61adefa7acf1d05e43f25462c2"}, {"key": "cvss3", "hash": "9b6ac179f047e1e9df0fd9b54425b2cc"}, {"key": "cwe", "hash": "fa12e087f68642fcaefafba0d4583885"}, {"key": "description", "hash": "1f289b339fc9f286bb94133e724d933e"}, {"key": "href", "hash": "f108d74cee0654e60b003a8578995baa"}, {"key": "modified", "hash": "c85257eb8af5fff2055fa694a27bd80d"}, {"key": "published", "hash": "f54542391bd069f40f1720811709fd9b"}, {"key": "references", "hash": "6b87b528f556dfeaf7e566a0b621e8a1"}, {"key": "reporter", "hash": "444c2b4dda4a55437faa8bef1a141e84"}, {"key": "title", "hash": "4b34533e3dc61976dd1b621daf6ca54f"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "3767359e5c1cddfe241745a08cd807270bdf257a23514190166c57f549721707", "viewCount": 128, "enchantments": {"dependencies": {"references": [{"type": "redhat", "idList": ["RHSA-2019:3811", "RHSA-2019:3239"]}, {"type": "nessus", "idList": ["PHOTONOS_PHSA-2019-1_0-0255_KUBERNETES.NASL", "PHOTONOS_PHSA-2019-3_0-0031_KUBERNETES.NASL", "PHOTONOS_PHSA-2019-2_0-0177_KUBERNETES.NASL", "REDHAT-RHSA-2019-3239.NASL", "REDHAT-RHSA-2019-3811.NASL", "FEDORA_2019-2B8EF08C95.NASL", "PHOTONOS_PHSA-2019-1_0-0252_KUBERNETES.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310876720"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-4816"]}], "modified": "2020-04-04T00:15:48", "rev": 2}, "score": {"value": 4.3, "vector": "NONE", "modified": "2020-04-04T00:15:48", "rev": 2}, "vulnersScore": 4.3}, "objectVersion": "1.3", "cpe": ["cpe:/a:kubernetes:kubernetes:1.10.1", "cpe:/a:kubernetes:kubernetes:1.1.7", "cpe:/a:kubernetes:kubernetes:1.14.1", "cpe:/a:kubernetes:kubernetes:1.2.7", "cpe:/a:kubernetes:kubernetes:1.10.9", "cpe:/a:kubernetes:kubernetes:1.11.5", "cpe:/a:kubernetes:kubernetes:1.8.15", "cpe:/a:kubernetes:kubernetes:1.8.5", "cpe:/a:kubernetes:kubernetes:1.1.2", "cpe:/a:kubernetes:kubernetes:1.2.5", "cpe:/a:kubernetes:kubernetes:1.2.1", "cpe:/a:kubernetes:kubernetes:1.6.6", "cpe:/a:kubernetes:kubernetes:1.3.3", "cpe:/a:kubernetes:kubernetes:1.8.7", "cpe:/a:kubernetes:kubernetes:1.4.0", "cpe:/a:kubernetes:kubernetes:1.7.0", "cpe:/a:kubernetes:kubernetes:1.6.10", "cpe:/a:kubernetes:kubernetes:1.0.4", "cpe:/a:kubernetes:kubernetes:1.12.7", "cpe:/a:kubernetes:kubernetes:1.6.7", "cpe:/a:kubernetes:kubernetes:1.2.2", "cpe:/a:kubernetes:kubernetes:1.8.4", "cpe:/a:kubernetes:kubernetes:1.8.13", "cpe:/a:kubernetes:kubernetes:1.12.8", "cpe:/a:kubernetes:kubernetes:1.10.6", "cpe:/a:kubernetes:kubernetes:1.6.4", "cpe:/a:kubernetes:kubernetes:1.7.10", "cpe:/a:kubernetes:kubernetes:1.1.4", "cpe:/a:kubernetes:kubernetes:1.6.12", "cpe:/a:kubernetes:kubernetes:1.2.8", "cpe:/a:kubernetes:kubernetes:1.13.2", "cpe:/a:kubernetes:kubernetes:1.6.1", "cpe:/a:kubernetes:kubernetes:1.4.2", "cpe:/a:kubernetes:kubernetes:1.3.2", "cpe:/a:kubernetes:kubernetes:1.3.0", "cpe:/a:kubernetes:kubernetes:1.11.0", "cpe:/a:kubernetes:kubernetes:1.10.3", "cpe:/a:kubernetes:kubernetes:1.11.9", "cpe:/a:kubernetes:kubernetes:1.7.15", "cpe:/a:kubernetes:kubernetes:1.12.5", "cpe:/a:kubernetes:kubernetes:1.10.2", "cpe:/a:kubernetes:kubernetes:1.6.13", "cpe:/a:kubernetes:kubernetes:1.2.0", "cpe:/a:kubernetes:kubernetes:1.7.4", "cpe:/a:kubernetes:kubernetes:1.8.11", "cpe:/a:kubernetes:kubernetes:1.1.3", "cpe:/a:kubernetes:kubernetes:1.10.12", "cpe:/a:kubernetes:kubernetes:1.7.1", "cpe:/a:kubernetes:kubernetes:1.13.1", "cpe:/a:kubernetes:kubernetes:1.7.14", "cpe:/a:kubernetes:kubernetes:1.5.0", "cpe:/a:kubernetes:kubernetes:1.9.0", "cpe:/a:kubernetes:kubernetes:1.12.3", "cpe:/a:kubernetes:kubernetes:1.13.5", "cpe:/a:kubernetes:kubernetes:1.10.10", "cpe:/a:kubernetes:kubernetes:1.9.10", "cpe:/a:kubernetes:kubernetes:1.13.6", "cpe:/a:kubernetes:kubernetes:1.10.7", "cpe:/a:kubernetes:kubernetes:1.6.14", "cpe:/a:kubernetes:kubernetes:1.7.12", "cpe:/a:kubernetes:kubernetes:1.7.6", "cpe:/a:kubernetes:kubernetes:1.10.11", "cpe:/a:kubernetes:kubernetes:1.1.0", "cpe:/a:kubernetes:kubernetes:1.8.6", "cpe:/a:kubernetes:kubernetes:1.8.9", "cpe:/a:kubernetes:kubernetes:1.6.8", "cpe:/a:kubernetes:kubernetes:1.7.11", "cpe:/a:kubernetes:kubernetes:1.3.5", "cpe:/a:kubernetes:kubernetes:1.7.16", "cpe:/a:kubernetes:kubernetes:1.4.5", "cpe:/a:kubernetes:kubernetes:1.3.4", "cpe:/a:kubernetes:kubernetes:1.5.2", "cpe:/a:kubernetes:kubernetes:1.13.0", "cpe:/a:kubernetes:kubernetes:1.6.0", "cpe:/a:kubernetes:kubernetes:1.12.11", "cpe:/a:kubernetes:kubernetes:1.10.8", "cpe:/a:kubernetes:kubernetes:1.6.2", "cpe:/a:kubernetes:kubernetes:1.14.3", "cpe:/a:kubernetes:kubernetes:1.11.6", "cpe:/a:kubernetes:kubernetes:1.3.9", "cpe:/a:kubernetes:kubernetes:1.3.11", "cpe:/a:kubernetes:kubernetes:1.12.10", "cpe:/a:kubernetes:kubernetes:1.3.8", "cpe:/a:kubernetes:kubernetes:1.9.9", "cpe:/a:kubernetes:kubernetes:1.1.8", "cpe:/a:kubernetes:kubernetes:1.4.8", "cpe:/a:kubernetes:kubernetes:1.8.3", "cpe:/a:kubernetes:kubernetes:1.5.8", "cpe:/a:kubernetes:kubernetes:1.1.1", "cpe:/a:kubernetes:kubernetes:1.9.1", "cpe:/a:kubernetes:kubernetes:1.14.4", "cpe:/a:kubernetes:kubernetes:1.8.1", "cpe:/a:kubernetes:kubernetes:1.0.2", "cpe:/a:kubernetes:kubernetes:1.12.6", "cpe:/a:kubernetes:kubernetes:1.4.3", "cpe:/a:kubernetes:kubernetes:1.2.4", "cpe:/a:kubernetes:kubernetes:1.7.9", "cpe:/a:kubernetes:kubernetes:1.0.3", "cpe:/a:kubernetes:kubernetes:1.5.1", "cpe:/a:kubernetes:kubernetes:1.5.9", "cpe:/a:kubernetes:kubernetes:1.3.6", "cpe:/a:kubernetes:kubernetes:1.8.10", "cpe:/a:kubernetes:kubernetes:1.1.5", "cpe:/a:kubernetes:kubernetes:1.1.6", "cpe:/a:kubernetes:kubernetes:1.15.1", "cpe:/a:kubernetes:kubernetes:1.5.5", "cpe:/a:kubernetes:kubernetes:1.14.0", "cpe:/a:kubernetes:kubernetes:1.0.6", "cpe:/a:kubernetes:kubernetes:1.5.6", "cpe:/a:kubernetes:kubernetes:1.12.4", "cpe:/a:kubernetes:kubernetes:1.1.9", "cpe:/a:kubernetes:kubernetes:1.13.8", "cpe:/a:kubernetes:kubernetes:1.7.8", "cpe:/a:kubernetes:kubernetes:1.3.10", "cpe:/a:kubernetes:kubernetes:1.2.3", "cpe:/a:kubernetes:kubernetes:1.6.3", "cpe:/a:kubernetes:kubernetes:1.0.0", "cpe:/a:kubernetes:kubernetes:1.10.4", "cpe:/a:kubernetes:kubernetes:1.11.8", "cpe:/a:kubernetes:kubernetes:1.12.9", "cpe:/a:kubernetes:kubernetes:1.6.11", "cpe:/a:kubernetes:kubernetes:1.7.3", "cpe:/a:kubernetes:kubernetes:1.4.4", "cpe:/a:kubernetes:kubernetes:1.1-1.12", "cpe:/a:kubernetes:kubernetes:1.7.13", "cpe:/a:kubernetes:kubernetes:1.9.7", "cpe:/a:kubernetes:kubernetes:1.9.11", "cpe:/a:kubernetes:kubernetes:1.12.0", "cpe:/a:kubernetes:kubernetes:1.9.3", "cpe:/a:kubernetes:kubernetes:1.10.13", "cpe:/a:kubernetes:kubernetes:1.4.11", "cpe:/a:kubernetes:kubernetes:1.9.6", "cpe:/a:kubernetes:kubernetes:1.11.3", "cpe:/a:kubernetes:kubernetes:1.3.1", "cpe:/a:kubernetes:kubernetes:1.7.7", "cpe:/a:kubernetes:kubernetes:1.6.9", "cpe:/a:kubernetes:kubernetes:1.11.2", "cpe:/a:kubernetes:kubernetes:1.0.7", "cpe:/a:kubernetes:kubernetes:1.10.0", "cpe:/a:kubernetes:kubernetes:1.4.9", "cpe:/a:kubernetes:kubernetes:1.4.12", "cpe:/a:kubernetes:kubernetes:1.8.2", "cpe:/a:kubernetes:kubernetes:1.15.0", "cpe:/a:kubernetes:kubernetes:1.0.5", "cpe:/a:kubernetes:kubernetes:1.9.12", "cpe:/a:kubernetes:kubernetes:1.11.1", "cpe:/a:kubernetes:kubernetes:1.4.6", "cpe:/a:kubernetes:kubernetes:1.9.4", "cpe:/a:kubernetes:kubernetes:1.7.5", "cpe:/a:kubernetes:kubernetes:1.14.2", "cpe:/a:kubernetes:kubernetes:1.11.4", "cpe:/a:kubernetes:kubernetes:1.11.7", "cpe:/a:kubernetes:kubernetes:1.5.7", "cpe:/a:kubernetes:kubernetes:1.9.8", "cpe:/a:kubernetes:kubernetes:1.8.12", "cpe:/a:kubernetes:kubernetes:1.6.5", "cpe:/a:kubernetes:kubernetes:1.3.7", "cpe:/a:kubernetes:kubernetes:1.8.14", "cpe:/a:kubernetes:kubernetes:1.13.4", "cpe:/a:kubernetes:kubernetes:1.4.7", "cpe:/a:kubernetes:kubernetes:1.7.2", "cpe:/a:kubernetes:kubernetes:1.8.0", "cpe:/a:kubernetes:kubernetes:1.2.6", "cpe:/a:kubernetes:kubernetes:1.9.2", "cpe:/a:kubernetes:kubernetes:1.5.3", "cpe:/a:kubernetes:kubernetes:1.8.16", "cpe:/a:kubernetes:kubernetes:1.0.8", "cpe:/a:kubernetes:kubernetes:1.5.4", "cpe:/a:kubernetes:kubernetes:1.12.2", "cpe:/a:kubernetes:kubernetes:1.13.7", "cpe:/a:kubernetes:kubernetes:1.10.5", "cpe:/a:kubernetes:kubernetes:1.0.1", "cpe:/a:kubernetes:kubernetes:1.13.3", "cpe:/a:kubernetes:kubernetes:1.9.5", "cpe:/a:kubernetes:kubernetes:1.12.1", "cpe:/a:kubernetes:kubernetes:1.7.17", "cpe:/a:kubernetes:kubernetes:1.4.1", "cpe:/a:kubernetes:kubernetes:1.8.8"], "affectedSoftware": [{"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.16"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.16"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.15.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.14"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.14"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.14"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.11.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1-1.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.15"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.15"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.11"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.5.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.12"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.3.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.5"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.8.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.15.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.1"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.14.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.2.7"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.9.3"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.1.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.4.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.13"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.13.6"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.0.4"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.6.10"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.8"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.10.9"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.12.0"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.17"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.2"}, {"name": "kubernetes kubernetes", "operator": "eq", "version": "1.7.7"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.8, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 3.6}, "cpe23": ["cpe:2.3:a:kubernetes:kubernetes:1.12.11:beta0:*:*:*:*:*:*"], "cwe": ["CWE-264"], "scheme": null}

{"nessus": [{"lastseen": "2020-08-01T00:58:26", "bulletinFamily": "scanner", "description": "An update of the kubernetes package has been released.", "modified": "2020-08-02T00:00:00", "id": "PHOTONOS_PHSA-2019-1_0-0255_KUBERNETES.NASL", "href": "https://www.tenable.com/plugins/nessus/129682", "published": "2019-10-07T00:00:00", "title": "Photon OS 1.0: Kubernetes PHSA-2019-1.0-0255", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0255. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129682);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/19\");\n\n script_cve_id(\n \"CVE-2019-11246\",\n \"CVE-2019-11247\",\n \"CVE-2019-11248\",\n \"CVE-2019-11249\"\n );\n\n script_name(english:\"Photon OS 1.0: Kubernetes PHSA-2019-1.0-0255\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the kubernetes package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-255.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11247\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-1.12.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-debuginfo-1.12.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-kubeadm-1.12.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-kubectl-extras-1.12.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-pause-1.12.10-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kubernetes\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-08-01T04:40:17", "bulletinFamily": "scanner", "description": "An update for atomic-openshift is now available for Red Hat OpenShift\nContainer Platform 3.10.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat", "modified": "2020-08-02T00:00:00", "id": "REDHAT-RHSA-2019-3239.NASL", "href": "https://www.tenable.com/plugins/nessus/130384", "published": "2019-10-30T00:00:00", "title": "RHEL 7 : OpenShift Container Platform 3.10 atomic-openshift (RHSA-2019:3239)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3239. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130384);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\"CVE-2019-1002100\", \"CVE-2019-11249\", \"CVE-2019-11253\");\n script_xref(name:\"RHSA\", value:\"2019:3239\");\n\n script_name(english:\"RHEL 7 : OpenShift Container Platform 3.10 atomic-openshift (RHSA-2019:3239)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for atomic-openshift is now available for Red Hat OpenShift\nContainer Platform 3.10.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or\nprivate cloud deployments.\n\nSecurity Fix(es) :\n\n* kubernetes: YAML parsing vulnerable to 'Billion Laughs' attack,\nallowing for remote denial of service (CVE-2019-11253)\n\n* kubernetes: Incomplete fixes for CVE-2019-1002101 and\nCVE-2019-11246, kubectl cp potential directory traversal\n(CVE-2019-11249)\n\n* kube-apiserver: DoS with crafted patch of type json-patch\n(CVE-2019-1002100)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3239\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11249\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11253\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-1002100\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11249\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients-redistributable\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-docker-excluder\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-excluder\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-hyperkube\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-hypershift\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-master\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-pod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-sdn-ovs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-template-service-broker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3239\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_exists(rpm:\"atomic-openshift-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-clients-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-clients-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-clients-redistributable-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-clients-redistributable-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-docker-excluder-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", reference:\"atomic-openshift-docker-excluder-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-excluder-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", reference:\"atomic-openshift-excluder-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-hyperkube-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-hyperkube-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-hypershift-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-hypershift-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-master-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-master-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-node-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-node-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-pod-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-pod-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-sdn-ovs-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-sdn-ovs-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-template-service-broker-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-template-service-broker-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-tests-3.10\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-tests-3.10.181-1.git.0.3ab4b3d.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"atomic-openshift / atomic-openshift-clients / etc\");\n }\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-08-01T00:58:24", "bulletinFamily": "scanner", "description": "An update of the kubernetes package has been released.", "modified": "2020-08-02T00:00:00", "id": "PHOTONOS_PHSA-2019-1_0-0252_KUBERNETES.NASL", "href": "https://www.tenable.com/plugins/nessus/129784", "published": "2019-10-11T00:00:00", "title": "Photon OS 1.0: Kubernetes PHSA-2019-1.0-0252", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0252. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129784);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/19\");\n\n script_cve_id(\n \"CVE-2019-11246\",\n \"CVE-2019-11247\",\n \"CVE-2019-11248\",\n \"CVE-2019-11249\"\n );\n\n script_name(english:\"Photon OS 1.0: Kubernetes PHSA-2019-1.0-0252\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the kubernetes package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-252.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11247\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-1.12.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-debuginfo-1.12.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-kubeadm-1.12.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-kubectl-extras-1.12.10-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"kubernetes-pause-1.12.10-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kubernetes\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-08-01T00:58:46", "bulletinFamily": "scanner", "description": "An update of the kubernetes package has been released.", "modified": "2020-08-02T00:00:00", "id": "PHOTONOS_PHSA-2019-2_0-0177_KUBERNETES.NASL", "href": "https://www.tenable.com/plugins/nessus/129691", "published": "2019-10-07T00:00:00", "title": "Photon OS 2.0: Kubernetes PHSA-2019-2.0-0177", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-2.0-0177. The text\n# itself is copyright (C) VMware, Inc.\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129691);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/19\");\n\n script_cve_id(\n \"CVE-2019-11245\",\n \"CVE-2019-11246\",\n \"CVE-2019-11247\",\n \"CVE-2019-11248\",\n \"CVE-2019-11249\"\n );\n\n script_name(english:\"Photon OS 2.0: Kubernetes PHSA-2019-2.0-0177\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the kubernetes package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-177.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11247\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_exists(rpm:\"kubernetes-1.12\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-1.12.10-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-1.13\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-1.13.10-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-1.14\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-1.14.6-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-debuginfo-1.12.10-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-kubeadm-1.12\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-kubeadm-1.12.10-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-kubeadm-1.13\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-kubeadm-1.13.10-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-kubeadm-1.14\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-kubeadm-1.14.6-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-kubectl-extras-1.12\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-kubectl-extras-1.12.10-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-kubectl-extras-1.13\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-kubectl-extras-1.13.10-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-kubectl-extras-1.14\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-kubectl-extras-1.14.6-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-pause-1.12\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-pause-1.12.10-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-pause-1.13\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-pause-1.13.10-1.ph2\")) flag++;\nif (rpm_exists(rpm:\"kubernetes-pause-1.14\", release:\"PhotonOS-2.0\") && rpm_check(release:\"PhotonOS-2.0\", reference:\"kubernetes-pause-1.14.6-1.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kubernetes\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-08-01T00:58:58", "bulletinFamily": "scanner", "description": "An update of the kubernetes package has been released.", "modified": "2020-08-02T00:00:00", "id": "PHOTONOS_PHSA-2019-3_0-0031_KUBERNETES.NASL", "href": "https://www.tenable.com/plugins/nessus/130125", "published": "2019-10-22T00:00:00", "title": "Photon OS 3.0: Kubernetes PHSA-2019-3.0-0031", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0031. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130125);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\n \"CVE-2019-11246\",\n \"CVE-2019-11247\",\n \"CVE-2019-11248\",\n \"CVE-2019-11249\"\n );\n\n script_name(english:\"Photon OS 3.0: Kubernetes PHSA-2019-3.0-0031\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the kubernetes package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0031.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11247\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"kubernetes-1.12.10-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"kubernetes-debuginfo-1.12.10-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"kubernetes-kubeadm-1.12.10-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"kubernetes-kubectl-extras-1.12.10-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"kubernetes-pause-1.12.10-1.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kubernetes\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-08-01T04:40:56", "bulletinFamily": "scanner", "description": "An update for atomic-openshift is now available for Red Hat OpenShift\nContainer Platform 3.9.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat", "modified": "2020-08-02T00:00:00", "id": "REDHAT-RHSA-2019-3811.NASL", "href": "https://www.tenable.com/plugins/nessus/130747", "published": "2019-11-08T00:00:00", "title": "RHEL 7 : OpenShift Container Platform 3.9 atomic-openshift (RHSA-2019:3811)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3811. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130747);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\"CVE-2019-10150\", \"CVE-2019-11249\", \"CVE-2019-11251\", \"CVE-2019-11253\");\n script_xref(name:\"RHSA\", value:\"2019:3811\");\n\n script_name(english:\"RHEL 7 : OpenShift Container Platform 3.9 atomic-openshift (RHSA-2019:3811)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for atomic-openshift is now available for Red Hat OpenShift\nContainer Platform 3.9.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or\nprivate cloud deployments.\n\nThis advisory contains the atomic-openshift RPM package for Red Hat\nOpenShift Container Platform 3.9.102.\n\nSecurity Fix(es) :\n\n* kubernetes: YAML parsing vulnerable to 'Billion Laughs' attack,\nallowing for remote denial of service (CVE-2019-11253)\n\n* atomic-openshift: OpenShift builds don't verify SSH Host Keys for\nthe Git repository (CVE-2019-10150)\n\n* kubernetes: Incomplete fixes for CVE-2019-1002101 and\nCVE-2019-11246, kubectl cp potential directory traversal\n(CVE-2019-11249)\n\n* kubernetes: `kubectl cp` allows for arbitrary file write via double\nsymlinks (CVE-2019-11251)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3811\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-10150\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11249\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11251\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-11253\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11249\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-clients-redistributable\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-cluster-capacity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-docker-excluder\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-excluder\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-federation-services\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-master\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-pod\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-sdn-ovs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-service-catalog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-template-service-broker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3811\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_exists(rpm:\"atomic-openshift-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-3.9.102-1.git.0.6411f52.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-clients-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-clients-3.9.102-1.git.0.6411f52.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-clients-redistributable-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-clients-redistributable-3.9.102-1.git.0.6411f52.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-cluster-capacity-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-cluster-capacity-3.9.102-1.git.0.6411f52.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-docker-excluder-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", reference:\"atomic-openshift-docker-excluder-3.9.102-1.git.0.6411f52.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-excluder-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", reference:\"atomic-openshift-excluder-3.9.102-1.git.0.6411f52.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-federation-services-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-federation-services-3.9.102-1.git.0.6411f52.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-master-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-master-3.9.102-1.git.0.6411f52.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-node-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-node-3.9.102-1.git.0.6411f52.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-pod-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-pod-3.9.102-1.git.0.6411f52.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-sdn-ovs-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-sdn-ovs-3.9.102-1.git.0.6411f52.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-service-catalog-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-service-catalog-3.9.102-1.git.0.6411f52.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-template-service-broker-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-template-service-broker-3.9.102-1.git.0.6411f52.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-tests-3.9\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-tests-3.9.102-1.git.0.6411f52.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"atomic-openshift / atomic-openshift-clients / etc\");\n }\n}\n", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2020-08-01T01:54:40", "bulletinFamily": "scanner", "description": "Update to v1.15.2 + carry upstream #81330\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "modified": "2020-08-02T00:00:00", "id": "FEDORA_2019-2B8EF08C95.NASL", "href": "https://www.tenable.com/plugins/nessus/128127", "published": "2019-08-26T00:00:00", "title": "Fedora 30 : kubernetes (2019-2b8ef08c95)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-2b8ef08c95.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128127);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-1002101\", \"CVE-2019-11246\", \"CVE-2019-11247\", \"CVE-2019-11248\", \"CVE-2019-11249\", \"CVE-2019-11250\");\n script_xref(name:\"FEDORA\", value:\"2019-2b8ef08c95\");\n\n script_name(english:\"Fedora 30 : kubernetes (2019-2b8ef08c95)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to v1.15.2 + carry upstream #81330\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-2b8ef08c95\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kubernetes package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-11247\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"kubernetes-1.15.2-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kubernetes\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-10-30T07:32:04", "bulletinFamily": "unix", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* kubernetes: YAML parsing vulnerable to \"Billion Laughs\" attack, allowing for remote denial of service (CVE-2019-11253)\n\n* kubernetes: Incomplete fixes for CVE-2019-1002101 and CVE-2019-11246, kubectl cp potential directory traversal (CVE-2019-11249)\n\n* kube-apiserver: DoS with crafted patch of type json-patch (CVE-2019-1002100)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-10-29T20:12:57", "published": "2019-10-29T20:03:25", "id": "RHSA-2019:3239", "href": "https://access.redhat.com/errata/RHSA-2019:3239", "type": "redhat", "title": "(RHSA-2019:3239) Important: OpenShift Container Platform 3.10 atomic-openshift security update", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2019-11-08T17:04:06", "bulletinFamily": "unix", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the atomic-openshift RPM package for Red Hat OpenShift Container Platform 3.9.102.\n\nSecurity Fix(es):\n\n* kubernetes: YAML parsing vulnerable to \"Billion Laughs\" attack, allowing for remote denial of service (CVE-2019-11253)\n\n* atomic-openshift: OpenShift builds don't verify SSH Host Keys for the Git repository (CVE-2019-10150)\n\n* kubernetes: Incomplete fixes for CVE-2019-1002101 and CVE-2019-11246, kubectl cp potential directory traversal (CVE-2019-11249)\n\n* kubernetes: `kubectl cp` allows for arbitrary file write via double symlinks (CVE-2019-11251)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-11-07T21:48:48", "published": "2019-11-07T21:39:10", "id": "RHSA-2019:3811", "href": "https://access.redhat.com/errata/RHSA-2019:3811", "type": "redhat", "title": "(RHSA-2019:3811) Important: OpenShift Container Platform 3.9 atomic-openshift security update", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}], "openvas": [{"lastseen": "2019-09-09T14:46:29", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-09-09T00:00:00", "published": "2019-08-27T00:00:00", "id": "OPENVAS:1361412562310876720", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876720", "title": "Fedora Update for kubernetes FEDORA-2019-2b8ef08c95", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876720\");\n script_version(\"2019-09-09T06:54:37+0000\");\n script_cve_id(\"CVE-2019-11250\", \"CVE-2019-1002101\", \"CVE-2019-11248\", \"CVE-2019-11249\", \"CVE-2019-11246\", \"CVE-2019-11247\");\n script_tag(name:\"cvss_base\", value:\"6.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-09-09 06:54:37 +0000 (Mon, 09 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-08-27 02:32:41 +0000 (Tue, 27 Aug 2019)\");\n script_name(\"Fedora Update for kubernetes FEDORA-2019-2b8ef08c95\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-2b8ef08c95\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QZB7E3DOZ5WDG46XAIU6K32CXHXPXB2F\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kubernetes'\n package(s) announced via the FEDORA-2019-2b8ef08c95 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Container cluster management\");\n\n script_tag(name:\"affected\", value:\"'kubernetes' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kubernetes\", rpm:\"kubernetes~1.15.2~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2020-01-31T22:35:35", "bulletinFamily": "unix", "description": "kubernetes\n[1.12.10-1.0.10]\n- [CVE-2019-16276] Kubernetes Vulnerabilities Allow Authentication Bypass, DoS\n[1.12.10-1.0.9]\n- Define rolling update for flannel\n[1.12.10-1.0.8]\n- Modify flannel/dashboard image tags to use images that have the cve fix\nkubeadm-ha-setup\n[0.0.2-1.0.68]\n- Pull image prior to update and fix image repo for addons\n[0.0.2-1.0.67]\n- Bump golang build version\n[0.0.2-1.0.66]\n- [CVE-2019-16276] Support patching flannel/dashboard on upgrade\n[0.0.2-1.0.65]\n- [CVE 2019-16276] Support deploygin 1.12 and 1.13 with CVE patched\n[0.0.2-1.0.64]\n- [CVE-2019-16276] Support patching etcd on upgrade\n[0.0.2-1.0.63]\n- [CVE-2019-16276] while upgrading a cluster patch the coredns image\n[0.0.2-1.0.62]\n- CVE-2019-16276 : Update flannel , etcd coredns and dashboard images.\n[0.0.2-1.0.61]\n- Added Support for 1.13.11 and removed support for 1.13.10\n[0.0.2-1.0.59]\n- Remove Support for 1.14.6\n[0.0.2-1.0.58]\n- Replacing reference to kubernetes-dashboard-amd64 with kubernetes-dashboard\n[0.0.2-1.0.57]\n- Support 1.12.10\n[0.0.2-1.0.56]\n- Support 1.14.6\n[0.0.2-1.0.55]\n- Support 1.13.10\n[0.0.2-1.0.54]\n- Support 1.13.9", "modified": "2020-01-31T00:00:00", "published": "2020-01-31T00:00:00", "id": "ELSA-2019-4816", "href": "http://linux.oracle.com/errata/ELSA-2019-4816.html", "title": "kubernetes security update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}]}