2 matches found
Privilege escalation from compromised node to cluster
CVSS Rating: Medium 6.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H If an attacker is able to intercept certain requests to the Kubelet, they can send a redirect response that may be followed by a client using the credentials from the original request. This can lead to compromise of other nodes...
CVE-2017-15114
When libvirtd is configured by OSP director tripleo-heat-templates to use the TLS transport it defaults to the same certificate authority as all non-libvirtd services. As no additional authentication is configured this allows these services to connect to libvirtd which is equivalent to root acces...