Lucene search
PRIOn knowledge basePRION:CVE-2019-11243HistoryApr 22, 2019 - 3:29 p.m.
Design/Logic Flaw
2019-04-2215:29:00
PRIOn knowledge base
www.prio-n.com
5
In Kubernetes v1.12.0-v1.12.4 and v1.13.0, the rest.AnonymousClientConfig() method returns a copy of the provided config, with credentials removed (bearer token, username/password, and client certificate/key data). In the affected versions, rest.AnonymousClientConfig() did not effectively clear service account credentials loaded using rest.InClusterConfig()
| CPE | Name | Operator | Version |
|---|---|---|---|
| kubernetes | ge | 1.12.0 | |
| kubernetes | le | 1.12.4 | |
| kubernetes | eq | 1.13.0 |
Related
cve
cve
CVE-2019-11243
2019-04-22 15:29:00
debiancve
debiancve
CVE-2019-11243
2019-04-22 15:29:00
veracode
veracode
Information Disclosure
2019-04-23 05:23:12
osv
osv
CVE-2019-11243
2019-04-22 15:29:00
nvd
nvd
CVE-2019-11243
2019-04-22 15:29:00
redhatcve
redhatcve
CVE-2019-11243
2020-02-25 01:30:57
cvelist
cvelist
CVE-2019-11243
2019-04-22 14:54:15
oraclelinux
oraclelinux
kubernetes security update
2019-07-29 00:00:00
kubernetes security update
2019-07-29 00:00:00
kubernetes security update
2019-07-29 00:00:00
ibm
ibm