ghsa-82m2-cv7p-4m75
Vulnerability from github
Published
2024-07-18 21:30
Modified
2024-07-18 21:58
Severity ?
6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
7.1 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
7.1 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
Summary
Kubernetes sets incorrect permissions on Windows containers logs
Details
A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.
{ "affected": [ { "package": { "ecosystem": "Go", "name": "k8s.io/kubernetes" }, "ranges": [ { "events": [ { "introduced": "0" }, { "fixed": "1.27.16" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Go", "name": "k8s.io/kubernetes" }, "ranges": [ { "events": [ { "introduced": "1.28.0" }, { "fixed": "1.28.12" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Go", "name": "k8s.io/kubernetes" }, "ranges": [ { "events": [ { "introduced": "1.29.0" }, { "fixed": "1.29.7" } ], "type": "ECOSYSTEM" } ] }, { "package": { "ecosystem": "Go", "name": "k8s.io/kubernetes" }, "ranges": [ { "events": [ { "introduced": "1.30.0" }, { "fixed": "1.30.3" } ], "type": "ECOSYSTEM" } ] } ], "aliases": [ "CVE-2024-5321" ], "database_specific": { "cwe_ids": [ "CWE-276" ], "github_reviewed": true, "github_reviewed_at": "2024-07-18T21:58:12Z", "nvd_published_at": "2024-07-18T19:15:12Z", "severity": "MODERATE" }, "details": "A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\\Users\u00a0may be able to read container logs and NT AUTHORITY\\Authenticated Users\u00a0may be able to modify container logs.", "id": "GHSA-82m2-cv7p-4m75", "modified": "2024-07-18T21:58:12Z", "published": "2024-07-18T21:30:38Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5321" }, { "type": "WEB", "url": "https://github.com/kubernetes/kubernetes/issues/126161" }, { "type": "WEB", "url": "https://github.com/kubernetes/kubernetes/commit/23660a78ae462a6c8c75ac7ffd9af97550dda1aa" }, { "type": "WEB", "url": "https://github.com/kubernetes/kubernetes/commit/84beb2915fa28ae477fe0676be8ba94ccd2b811a" }, { "type": "WEB", "url": "https://github.com/kubernetes/kubernetes/commit/90589b8f63d28bcd3db89749950ebc48ed07c190" }, { "type": "WEB", "url": "https://github.com/kubernetes/kubernetes/commit/de2033033b1d202ecaaa79d41861a075df8b49c1" }, { "type": "PACKAGE", "url": "https://github.com/kubernetes/kubernetes" }, { "type": "WEB", "url": "https://groups.google.com/g/kubernetes-security-announce/c/81c0BHkKNt0" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "type": "CVSS_V3" }, { "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N", "type": "CVSS_V4" } ], "summary": "Kubernetes sets incorrect permissions on Windows containers logs" }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.