Lucene search
K

13 matches found

VulnCheck KEV
VulnCheck KEV
added 2023/11/27 12:0 a.m.3 views

VulnCheck KEV: CVE-2019-11248

The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...

8.2CVSS6.8AI score0.61139EPSS
Exploits0References1
Circl
Circl
added 2022/07/18 3:11 a.m.157 views

CVE-2019-11248

creationtimestamp| type| source ---|---|--- 2022-07-18 03:11:02+00:00| published-proof-of-concept| https://t.me/ctinow/55552 2024-10-03 01:20:50+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8661 2024-11-10 00:00:00+00:00| exploited| The Shadowserver...

8.2CVSS6.7AI score0.61139EPSS
In wildExploits0References5
Hacker One
Hacker One
added 2021/02/12 5:37 p.m.486 views

Engel & Völkers Technology GmbH: CVE-2019-11248 on alertmanager.ev-cloud-platform.engelvoelkers.com

Summary: The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. Versions prior to 1.15.0, 1.14.4, 1.13.8, and 1.12.10 are affected. The issue is of medium severity, but not exposed by the default configuration. Steps To Reproduce: Navigate to the following...

6.4CVSS7.8AI score0.61139EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2020/12/11 7:10 a.m.35 views

Security Bulletin: Open Source Secuity issues fixed for NPS softlayer provisioner.

Summary Fixed OSS issus for listed CVEs. Vulnerability Details CVEID: CVE-2020-7919 DESCRIPTION: Go is vulnerable to a denial of service. By sending a malformed X.509 certificate, a remote attacker could exploit this vulnerability to cause a system panic. CVSS Base score: 7.5 CVSS Temporal Score:...

8.2CVSS0.8AI score0.61139EPSS
Exploits2Affected Software1
RedhatCVE
RedhatCVE
added 2020/04/09 12:44 p.m.51 views

CVE-2019-11248

The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...

8.2CVSS2.1AI score0.61139EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2019/10/07 12:0 a.m.44 views

Photon OS 2.0: Kubernetes PHSA-2019-2.0-0177

An update of the kubernetes package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0177. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

8.2CVSS6.6AI score0.61139EPSS
Exploits1References6
UbuntuCve
UbuntuCve
added 2019/08/29 1:15 a.m.105 views

CVE-2019-11248

The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...

8.2CVSS6.8AI score0.61139EPSS
Exploits0References3
Cvelist
Cvelist
added 2019/08/29 12:26 a.m.42 views

CVE-2019-11248 Kubernetes kubelet exposes /debug/pprof info on healthz port

The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...

6.5CVSS7.9AI score0.61139EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2019/08/29 12:26 a.m.47 views

CVE-2019-11248

The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for...

8.2CVSS6.7AI score0.61139EPSS
Exploits0
CVE
CVE
added 2019/08/29 12:26 a.m.358 views

CVE-2019-11248

CVE-2019-11248 describes exposure of the Go pprof debugging endpoint at /debug/pprof on the unauthenticated Kubelet healthz port. The connected nuclei template confirms the issue: the pprof endpoint is exposed via the Kubelet healthz port, potentially leaking internal Kubelet memory addresses and...

8.2CVSS6.9AI score0.61139EPSS
In wildExploits0References3Affected Software1
OpenVAS
OpenVAS
added 2019/08/27 12:0 a.m.46 views

Fedora Update for kubernetes FEDORA-2019-2b8ef08c95

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.2CVSS7.2AI score0.61139EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2019/08/26 12:0 a.m.46 views

Fedora 30 : kubernetes (2019-2b8ef08c95)

Update to v1.15.2 + carry upstream 81330 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable...

8.2CVSS6.1AI score0.61139EPSS
Exploits2References7
IBM Security Bulletins
IBM Security Bulletins
added 2019/08/19 3:22 p.m.34 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by Kubernetes security vulnerability (CVE-2019-11248)

Summary IBM Cloud Kubernetes Service is affected by a security vulnerability in the Kubelet healthz port that exposes the debugging endpoint on localhost CVE-2019-11248 Vulnerability Details CVE-ID: CVE-2019-11248 Description: Kubernetes could allow a remote attacker to obtain sensitive...

8.2CVSS7.7AI score0.61139EPSS
Exploits0Affected Software1
Rows per page
Query Builder