20 matches found
Oracle Linux 7 : kubernetes (ELSA-2019-4816)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4816 advisory. - CVE-2019-16276 Kubernetes Vulnerabilities Allow Authentication Bypass, DoS - CVE-2019-16276 Support patching flannel/dashboard on upgrade -...
Security Bulletin: IBM CICS TX Standard is vulnerable to multiple vulnerabilities in Kubernetes.
Summary IBM CICS TX Standard is vulnerable to multiple vulnerabilities in Kubernetes. The fix removes these vulnerabilities from IBM CICS TX Standard. Vulnerability Details CVEID:CVE-2019-11250 DESCRIPTION: Kubernetes could allow a remote attacker to obtain sensitive information, caused by storin...
Security Bulletin: IBM CICS TX Advanced is vulnerable to multiple vulnerabilities in Kubernetes.
Summary IBM CICS TX Advanced is vulnerable to multiple vulnerabilities in Kubernetes. The fix removes these vulnerabilities from IBM CICS TX Advanced. Vulnerability Details CVEID:CVE-2019-11250 DESCRIPTION: Kubernetes could allow a remote attacker to obtain sensitive information, caused by storin...
CVE-2019-11247
The Kubernetes kube-apiserver mistakenly allows access to a cluster-scoped custom resource if the request is made as if the resource were namespaced. Authorizations for the resource accessed in this manner are enforced using roles and role bindings within the namespace, meaning that a user with...
Security Bulletin: IBM API Connect is impacted by vulnerabilities in Kubernetes (CVE-2019-11249, CVE-2019-11247)
Summary IBM API Connect has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2019-11249 DESCRIPTION: The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a t...
Security Bulletin: Security Vulnerabilities affect IBM Cloud Private Kubernetes (CVE-2019-11247, CVE-2019-11249)
Summary Security Vulnerabilities affect IBM Cloud Private Kubernetes Vulnerability Details CVEID: CVE-2019-11247 DESCRIPTION: Kubernetes could allow a remote authenticated attacker to gain unauthorized access to the system, caused by an error in the API server. By sending a specially crafted...
Security Bulletin: Red Hat OpenShift on IBM Cloud is affected by Kubernetes security vulnerability (CVE-2019-11247)
Summary Red Hat OpenShift on IBM Cloud is affected by a security vulnerability in Kubernetes API server that allows access to custom resources via wrong scope CVE-2019-11247. Vulnerability Details CVE-ID: CVE-2019-11247 Description: Kubernetes could allow a remote authenticated attacker to gain...
RHEL 7 : OpenShift Container Platform 3.9 (RHSA-2019:2769)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2769 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...
CVE-2019-11247: Kubernetes API Server Vulnerability | Cloud Foundry
Severity Medium Vendor Cloud Foundry Foundation Description The Kubernetes kube-apiserver mistakenly allows access to a cluster-scoped custom resource if the request is made as if the resource were namespaced. Authorizations for the resource accessed in this manner are enforced using roles and ro...
Photon OS 2.0: Kubernetes PHSA-2019-2.0-0177
An update of the kubernetes package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0177. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Important: Red Hat Security Advisory: OpenShift Container Platform 3.10 security update
An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 3.10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
CVE-2019-11247
The Kubernetes kube-apiserver mistakenly allows access to a cluster-scoped custom resource if the request is made as if the resource were namespaced. Authorizations for the resource accessed in this manner are enforced using roles and role bindings within the namespace, meaning that a user with...
CVE-2019-11247 Kubernetes kube-apiserver allows access to custom resources via wrong scope
The Kubernetes kube-apiserver mistakenly allows access to a cluster-scoped custom resource if the request is made as if the resource were namespaced. Authorizations for the resource accessed in this manner are enforced using roles and role bindings within the namespace, meaning that a user with...
CVE-2019-11247
The Kubernetes kube-apiserver mistakenly allows access to a cluster-scoped custom resource if the request is made as if the resource were namespaced. Authorizations for the resource accessed in this manner are enforced using roles and role bindings within the namespace, meaning that a user with...
CVE-2019-11247
The Kubernetes kube-apiserver mistakenly allows access to a cluster-scoped custom resource if the request is made as if the resource were namespaced. Authorizations for the resource accessed in this manner are enforced using roles and role bindings within the namespace, meaning that a user with...
CVE-2019-11247
The CVE-2019-11247 entry is confirmed with concrete details: the Kubernetes kube-apiserver permits access to cluster-scoped custom resources when requests are sent as if the resource were namespaced. This leads to privilege escalation where a user with namespace-scoped access could create/view/up...
Fedora Update for kubernetes FEDORA-2019-2b8ef08c95
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 30 : kubernetes (2019-2b8ef08c95)
Update to v1.15.2 + carry upstream 81330 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...
Security Bulletin: IBM Cloud Kubernetes Service is affected by Kubernetes security vulnerability (CVE-2019-11247)
Summary IBM Cloud Kubernetes Service is affected by a security vulnerability in Kubernetes API server that allows access to custom resources via wrong scope CVE-2019-11247 Vulnerability Details CVE-ID: CVE-2019-11247 Description: Kubernetes could allow a remote authenticated attacker to gain...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.1.11 openshift security update
An update for openshift is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...