CVE-2024-5321

🗓️ 18 Jul 2024 18:15:25Reported by kubernetesType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 277 Views

Security issue in Kubernetes clusters with Windows nodes allowing unauthorized access to container logs

Reporter	Title	Published	Views	Family All 74
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in IBM API Connect	15 Mar 202500:18	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Observability with Instana (OnPrem) is affected by multiple vulnerabilities	31 Jul 202514:21	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a security restrictions bypass in Kubernetes kubelet [CVE-2024-5321]	28 Jan 202522:08	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to a security restrictions bypass in Kubernetes kubelet [CVE-2024-5321]	30 Jan 202521:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Instana Observability is affected by multiple vulnerabilities within Instana Agent container image	15 Apr 202502:54	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for September and October 2024.	15 Apr 202502:48	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Automation Decision Services for August 2024 - Multiple CVEs addressed	10 Sep 202405:21	–	ibm
AlpineLinux	CVE-2024-5321	18 Jul 202419:15	–	alpinelinux
BDU FSTEC	The vulnerability of the kubelet utility in the Kubernetes cluster management software, related to improperly used standard permissions, allows a perpetrator to alter the information stored in container logs.	22 Jul 202400:00	–	bdu_fstec
Chainguard	CVE-2024-5321 vulnerabilities	18 Jul 202419:15	–	cgr

[
  {
    "vendor": "Kubernetes",
    "product": "Kubernetes",
    "platforms": [
      "Windows"
    ],
    "repo": "https://github.com/kubernetes/kubernetes",
    "modules": [
      "kubelet"
    ],
    "versions": [
      {
        "status": "affected",
        "version": "1.27.0",
        "lessThanOrEqual": "1.27.15",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "1.28.0",
        "lessThanOrEqual": "1.28.11",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "1.29.0",
        "lessThanOrEqual": "1.29.6",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "1.30.0",
        "lessThanOrEqual": "1.30.2",
        "versionType": "semver"
      },
      {
        "status": "unaffected",
        "version": "1.27.16"
      },
      {
        "status": "unaffected",
        "version": "1.28.12"
      },
      {
        "status": "unaffected",
        "version": "1.29.7"
      },
      {
        "status": "unaffected",
        "version": "1.30.3"
      }
    ],
    "defaultStatus": "affected"
  }
]

Source	Link
groups	www.groups.google.com/g/kubernetes-security-announce/c/81c0BHkKNt0
github	www.github.com/kubernetes/kubernetes/issues/126161
openwall	www.openwall.com/lists/oss-security/2024/07/17/3

15 Apr 2026 00:35Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.16.1

EPSS0.00071

SSVC

CWE-276