[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Privilege escalation vulnerability in kubernetes (rpm)

ID: oval:org.secpod.oval:def:49672Date: (C)2018-12-07   (M)2022-10-10
Class: VULNERABILITYFamily: unix




The host is installed with Kubernetes versions prior to 1.10.11, 1.11.5, and 1.12.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle error responses to proxied upgrade requests in the kube-apiserver. Successful exploitation allows attackers to gain elevated privileges and perform unauthorized actions.

Platform:
Linux
Product:
kubeadm
kubelet
kubectl
Reference:
CVE-2018-1002105
CVE    1
CVE-2018-1002105
CPE    3
cpe:/a:kubernetes:kubeadm
cpe:/a:kubernetes:kubectl
cpe:/a:kubernetes:kubelet

© SecPod Technologies