Lucene search
Symantec Security ResponseSMNTC-108064HistoryApr 22, 2019 - 12:00 a.m.
Kubernetes CVE-2019-11244 Local Unauthorized Access Vulnerability
2019-04-2200:00:00
Symantec Security Response
www.symantec.com
13
0.001 Low
EPSS
Percentile
33.3%
Description
Kubernetes is prone to a local unauthorized-access vulnerability. A local attacker can exploit this issue to gain unauthorized access to the affected application. This may aid in further attacks. Kubernetes version 1.8.x through 1.14.x are vulnerable.
Technologies Affected
- IBM Cloud Private 3.1.0
- IBM Cloud Private 3.1.1
- IBM Cloud Private 3.1.2
- IBM Cloud Private 3.2.0 CD
- Kubernetes Kubernetes 1.10.0
- Kubernetes Kubernetes 1.10.1
- Kubernetes Kubernetes 1.10.10
- Kubernetes Kubernetes 1.10.11
- Kubernetes Kubernetes 1.10.12
- Kubernetes Kubernetes 1.10.2
- Kubernetes Kubernetes 1.10.3
- Kubernetes Kubernetes 1.10.4
- Kubernetes Kubernetes 1.10.5
- Kubernetes Kubernetes 1.10.6
- Kubernetes Kubernetes 1.10.7
- Kubernetes Kubernetes 1.10.8
- Kubernetes Kubernetes 1.10.9
- Kubernetes Kubernetes 1.11.0
- Kubernetes Kubernetes 1.11.1
- Kubernetes Kubernetes 1.11.2
- Kubernetes Kubernetes 1.11.3
- Kubernetes Kubernetes 1.11.4
- Kubernetes Kubernetes 1.11.5
- Kubernetes Kubernetes 1.11.6
- Kubernetes Kubernetes 1.11.7
- Kubernetes Kubernetes 1.11.8
- Kubernetes Kubernetes 1.11.9
- Kubernetes Kubernetes 1.12.0
- Kubernetes Kubernetes 1.12.1
- Kubernetes Kubernetes 1.12.2
- Kubernetes Kubernetes 1.12.3
- Kubernetes Kubernetes 1.12.4
- Kubernetes Kubernetes 1.12.5
- Kubernetes Kubernetes 1.12.6
- Kubernetes Kubernetes 1.12.7
- Kubernetes Kubernetes 1.13.0
- Kubernetes Kubernetes 1.13.3
- Kubernetes Kubernetes 1.13.4
- Kubernetes Kubernetes 1.13.5
- Kubernetes Kubernetes 1.14.0
- Kubernetes Kubernetes 1.8.0
- Kubernetes Kubernetes 1.9.0
- Kubernetes Kubernetes 1.9.1
- Kubernetes Kubernetes 1.9.10
- Kubernetes Kubernetes 1.9.2
- Kubernetes Kubernetes 1.9.3
- Kubernetes Kubernetes 1.9.4
- Kubernetes Kubernetes 1.9.5
- Kubernetes Kubernetes 1.9.6
- Kubernetes Kubernetes 1.9.7
- Kubernetes Kubernetes 1.9.8
- Kubernetes Kubernetes 1.9.9
Recommendations
Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
To reduce the risk of exploits, allow only local and accountable individuals to access affected computers.
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Related
redhatcve
redhatcve
CVE-2019-11244
2020-04-06 23:05:27
ibm
ibm
gitlab
gitlab
Incorrect Permission Assignment for Critical Resource
2019-04-22 00:00:00
nessus
nessus
Oracle Linux 7 : kubeadm-ha-setup (ELSA-2019-4717)
2023-09-07 00:00:00
RHEL 7 : OpenShift Container Platform 3.11 atomic-openshift (RHSA-2020:0020)
2020-01-15 00:00:00
RHEL 7 / 8 : OpenShift Container Platform 4.1.24 openshift (RHSA-2019:3942)
2019-11-22 00:00:00
osv
osv
CVE-2019-11244
2019-04-22 15:29:00
Kubernetes Unsafe Cacheing
2022-02-15 01:57:18
cvelist
cvelist
CVE-2019-11244 kubectl creates world-writeable cached schema files
2019-04-22 14:54:15
prion
prion
Design/Logic Flaw
2019-04-22 15:29:00
redhat
redhat
debiancve
debiancve
CVE-2019-11244
2019-04-22 15:29:00
veracode
veracode
Insecure Cache Configurations
2019-04-23 07:11:27
cve
cve
CVE-2019-11244
2019-04-22 15:29:00
nvd
nvd
CVE-2019-11244
2019-04-22 15:29:00
oraclelinux
oraclelinux
kubeadm-ha-setup security update
2019-07-29 00:00:00
kubernetes security update
2019-07-29 00:00:00
kubernetes security update
2019-07-29 00:00:00
github
github
Kubernetes Unsafe Cacheing
2022-02-15 01:57:18
photon
photon