Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM2096B373EABD2AFD96F3A45A3CF3C96927564E48D8BC00ABA35CCA6253B6D973
HistoryJul 12, 2019 - 1:50 p.m.

Security Bulletin: IBM Event Streams is affected by kubectl vulnerabilities

2019-07-1213:50:01
www.ibm.com
10

0.001 Low

EPSS

Percentile

33.3%

JSON

Summary

IBM Event Streams has addressed the following vulnerabilities in the kubectl versions shipped.

Vulnerability Details

CVEID: CVE-2019-1002101 DESCRIPTION: Kubernetes could allow a remote attacker to traverse directories on the system, caused by the improper handling of symlinks. By persuading a victim to use the kubectl cp command or the oc cp command with a malicious container, an attacker could replace or delete arbitrary files on the host machine.
CVSS Base Score: 6.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/158804&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N)

CVEID: CVE-2019-11244 DESCRIPTION: Kubernetes could allow a remote attacker to bypass security restrictions, caused by an improper directory permission issue with the --cache-dir option. By sending a specially-crafted request, an attacker could exploit this vulnerability to modify the written files and disrupt the kubectl invocation.
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/160042&gt; for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

Affected Products and Versions

IBM Event Streams 2018.3.0

IBM Event Streams 2018.3.1

IBM Event Streams 2019.1.1

Remediation/Fixes

Upgrade to IBM Event Streams 2019.2.1 which is available from Passport Advantage.

CPENameOperatorVersion
ibm event streamseqany

Related

redhatcve 4
ibm 8
gitlab 2
nessus 16
osv 4
cvelist 2
prion 2
redhat 8
cloudfoundry 1
freebsd 1
fedora 2
nvd 2
openvas 2
github 2
debiancve 2
veracode 3
cve 2
symantec 1
ubuntucve 1
oraclelinux 11
kitploit 1
attackerkb 1
photon 8
redhatcve
redhatcve
CVE-2019-11244
2020-04-06 23:05:27
CVE-2019-1002101
2019-03-28 21:50:01
CVE-2019-11246
2020-04-09 10:42:04
ibm
ibm
Security Bulletin: IBM Cloud Private is vulnerable to a Kubernetes vulnerability (CVE-ID: CVE-2019-11244)
2020-01-02 13:57:20
Security Bulletin: API Connect V2018 is impacted by a directory traversal vulnerability in Kubernetes (CVE-2019-1002101)
2019-05-19 14:45:01
Security Bulletin: IBM Cloud Private for Data is affected multiple security vulnerabilities in IBM Cloud Private Kubernetes
2019-10-03 22:50:40
gitlab
gitlab
Incorrect Permission Assignment for Critical Resource
2019-04-22 00:00:00
Improper Link Resolution Before File Access
2019-04-01 00:00:00
nessus
nessus
Oracle Linux 7 : kubeadm-ha-setup (ELSA-2019-4717)
2023-09-07 00:00:00
RHEL 7 : OpenShift Container Platform 3.11 atomic-openshift (RHSA-2020:0020)
2020-01-15 00:00:00
RHEL 7 / 8 : OpenShift Container Platform 4.1.24 openshift (RHSA-2019:3942)
2019-11-22 00:00:00
osv
osv
CVE-2019-11244
2019-04-22 15:29:00
Symlink Attack in kubectl cp
2022-02-15 01:57:18
CVE-2019-1002101
2019-04-01 14:29:00
cvelist
cvelist
CVE-2019-11244 kubectl creates world-writeable cached schema files
2019-04-22 14:54:15
CVE-2019-1002101 kubectl cp path traversal
2019-03-28 00:00:00
prion
prion
Design/Logic Flaw
2019-04-22 15:29:00
Code injection
2019-04-01 14:29:00
redhat
redhat
(RHSA-2020:0074) Low: OpenShift Container Platform 4.1 openshift-enterprise-cli-container security update
2020-01-21 07:52:39
(RHSA-2019:3942) Low: OpenShift Container Platform 4.1.24 openshift security update
2019-11-21 09:55:43
(RHSA-2020:0020) Low: OpenShift Container Platform 3.11 atomic-openshift security update
2020-01-14 06:48:10
cloudfoundry
cloudfoundry
CVE-2019-1002101: Kubernetes kubectl - potential directory traversal | Cloud Foundry
2019-04-01 00:00:00
freebsd
freebsd
Kubectl -- Potential directory traversal
2019-03-28 00:00:00
fedora
fedora
[SECURITY] Fedora 30 Update: kubernetes-1.13.5-1.fc30
2019-06-19 22:46:08
[SECURITY] Fedora 30 Update: kubernetes-1.15.2-1.fc30
2019-08-26 00:53:13
nvd
nvd
CVE-2019-1002101
2019-04-01 14:29:00
CVE-2019-11244
2019-04-22 15:29:00
openvas
openvas
Fedora Update for kubernetes FEDORA-2019-bf800b1c04
2019-06-20 00:00:00
Fedora Update for kubernetes FEDORA-2019-2b8ef08c95
2019-08-27 00:00:00
github
github
Symlink Attack in kubectl cp
2022-02-15 01:57:18
Kubernetes Unsafe Cacheing
2022-02-15 01:57:18
debiancve
debiancve
CVE-2019-11244
2019-04-22 15:29:00
CVE-2019-1002101
2019-04-01 14:29:00
veracode
veracode
Insecure Cache Configurations
2019-04-23 07:11:27
Directory Traversal
2019-04-01 02:29:02
Directory Traversal
2019-08-06 01:38:57
cve
cve
CVE-2019-11244
2019-04-22 15:29:00
CVE-2019-1002101
2019-04-01 14:29:00
symantec
symantec
Kubernetes CVE-2019-11244 Local Unauthorized Access Vulnerability
2019-04-22 00:00:00
ubuntucve
ubuntucve
CVE-2019-1002101
2019-04-01 00:00:00
oraclelinux
oraclelinux
kubeadm-ha-setup security update
2019-07-29 00:00:00
kubernetes security update
2019-07-29 00:00:00
kubernetes security update
2019-07-29 00:00:00
kitploit
kitploit
Botb - A Container Analysis And Exploitation Tool For Pentesters And Engineers
2019-09-10 20:33:00
attackerkb
attackerkb
kubectl cp path traversal
2019-04-01 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0242
2019-06-28 00:00:00
Critical Photon OS Security Update - PHSA-2019-0242
2019-06-28 00:00:00
Important Photon OS Security Update - PHSA-2019-0239
2019-06-17 00:00:00

0.001 Low

EPSS

Percentile

33.3%

JSON
Related for 2096B373EABD2AFD96F3A45A3CF3C96927564E48D8BC00ABA35CCA6253B6D973
redhatcve4ibm8gitlab2nessus16osv4cvelist2prion2redhat8cloudfoundry1freebsd1fedora2nvd2openvas2github2debiancve2veracode3cve2symantec1ubuntucve1oraclelinux11kitploit1attackerkb1photon8