Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveKubernetesCVE-2021-25749
HistoryMay 24, 2023 - 5:15 p.m.

CVE-2021-25749

2023-05-2417:15:09
CWE-284
kubernetes
web.nvd.nist.gov
59
cve-2021-25749
windows
container
runasnonroot
nvd

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

High

EPSS

0

Percentile

9.0%

JSON

Windows workloads can run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true.

Affected configurations

Nvd
Node
kuberneteskubernetesRange1.20.01.21.0
OR
kuberneteskubernetesRange1.22.01.22.14
OR
kuberneteskubernetesRange1.23.01.23.11
OR
kuberneteskubernetesRange1.24.01.24.5
VendorProductVersionCPE
kuberneteskubernetes*cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*

CNA Affected

[
  {
    "vendor": "Kubernetes",
    "product": "Kubernetes",
    "versions": [
      {
        "version": "kubelet v1.22.0 - v1.22.13",
        "status": "affected",
        "lessThan": "v1.22.14",
        "versionType": "custom"
      },
      {
        "version": "kubelet v1.23.0 - v1.23.10",
        "status": "affected",
        "lessThan": "v1.23.11",
        "versionType": "custom"
      },
      {
        "version": "kubelet v1.24.0 - v1.24.4",
        "status": "affected",
        "lessThan": "v1.24.5",
        "versionType": "custom"
      }
    ]
  }
]

Related

osv 2
prion 1
nvd 1
cvelist 1
redhatcve 1
debiancve 1
veracode 1
openvas 1
nessus 1
redhat 1
osv
osv
CVE-2021-25749
2023-05-24 17:15:09
CGA-hcj5-q2xc-q799
2024-06-06 12:27:41
prion
prion
Design/Logic Flaw
2023-05-24 17:15:00
nvd
nvd
CVE-2021-25749
2023-05-24 17:15:09
cvelist
cvelist
CVE-2021-25749 runAsNonRoot logic bypass for Windows containers
2023-05-24 00:00:00
redhatcve
redhatcve
CVE-2021-25749
2022-09-19 05:43:26
debiancve
debiancve
CVE-2021-25749
2023-05-24 17:15:09
veracode
veracode
Improper Access Control
2023-05-26 06:54:26
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:2292-1)
2023-05-29 00:00:00
nessus
nessus
SUSE SLES15 Security Update : kubernetes1.23 (SUSE-SU-2023:2292-1)
2023-05-26 00:00:00
redhat
redhat
(RHSA-2022:9096) Moderate: Red Hat OpenShift support for Windows Containers 7.0.0 [security update]
2023-01-30 05:46:19

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.4

Confidence

High

EPSS

0

Percentile

9.0%

JSON
Related for CVE-2021-25749
osv2prion1nvd1cvelist1redhatcve1debiancve1veracode1openvas1nessus1redhat1