CVE-2019-3780

2019-03-08T16:29:00
ID CVE-2019-3780
Type cve
Reporter cve@mitre.org
Modified 2020-10-19T17:56:00

Description

Cloud Foundry Container Runtime, versions prior to 0.28.0, deploys K8s worker nodes that contains a configuration file with IAAS credentials. A malicious user with access to the k8s nodes can obtain IAAS credentials allowing the user to escalate privileges to gain access to the IAAS account.