CVE-2024-5321 Incorrect permissions on Windows containers logs

2024-07-1818:15:25

CWE-276

kubernetes

www.cve.org

cve-2024

security issue

kubernetes

windows nodes

builtin\users

nt authority\authenticated users

container logs

incorrect permissions

CVSS3

6.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

EPSS

Percentile

9.3%

JSON

A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.

CNA Affected

[
  {
    "vendor": "Kubernetes",
    "product": "Kubernetes",
    "platforms": [
      "Windows"
    ],
    "repo": "https://github.com/kubernetes/kubernetes",
    "modules": [
      "kubelet"
    ],
    "versions": [
      {
        "status": "affected",
        "version": "1.27.0",
        "lessThanOrEqual": "1.27.15",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "1.28.0",
        "lessThanOrEqual": "1.28.11",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "1.29.0",
        "lessThanOrEqual": "1.29.6",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "1.30.0",
        "lessThanOrEqual": "1.30.2",
        "versionType": "semver"
      },
      {
        "status": "unaffected",
        "version": "1.27.16"
      },
      {
        "status": "unaffected",
        "version": "1.28.12"
      },
      {
        "status": "unaffected",
        "version": "1.29.7"
      },
      {
        "status": "unaffected",
        "version": "1.30.3"
      }
    ],
    "defaultStatus": "affected"
  }
]