CVSS3: 7.8 High

Metric | Value |
---|---|
Attack Vector | LOCAL |
Attack Complexity | LOW |
Privileges Required | LOW |
User Interaction | NONE |
Scope | UNCHANGED |
Confidentiality Impact | HIGH |
Integrity Impact | HIGH |
Availability Impact | HIGH |

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS2: 4.6 Medium

Metric | Value |
---|---|
Access Vector | LOCAL |
Access Complexity | LOW |
Authentication | NONE |
Confidentiality Impact | PARTIAL |
Integrity Impact | PARTIAL |
Availability Impact | PARTIAL |

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
github.com/kubernetes/kubernetes is vulnerable to authorization bypass attacks. A container can run as uid 0 (root), either on container restart or if an existing image is used, when mustRunAsNonRoot: true was not used.
CPE

Name | Operator | Version |
---|---|---|
github.com/kubernetes/kubernetes | eq | 1.14.2 |
github.com/kubernetes/kubernetes | eq | 1.13.6 |
github.com/kubernetes/kubernetes/commit/02026415cdc49b4ceb1b70e0410a93b57885851e
github.com/kubernetes/kubernetes/commit/7d58a4985dc157952a4f38f544a80ce4bf019471
github.com/kubernetes/kubernetes/issues/78308
github.com/kubernetes/kubernetes/pull/78316
github.com/kubernetes/kubernetes/pull/78320
seclists.org/oss-sec/2019/q2/134
security.netapp.com/advisory/ntap-20190919-0003/