Описание
Kubernetes sets incorrect permissions on Windows containers logs
A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2024-5321
- https://github.com/kubernetes/kubernetes/issues/126161
- https://github.com/kubernetes/kubernetes/commit/23660a78ae462a6c8c75ac7ffd9af97550dda1aa
- https://github.com/kubernetes/kubernetes/commit/84beb2915fa28ae477fe0676be8ba94ccd2b811a
- https://github.com/kubernetes/kubernetes/commit/90589b8f63d28bcd3db89749950ebc48ed07c190
- https://github.com/kubernetes/kubernetes/commit/de2033033b1d202ecaaa79d41861a075df8b49c1
- https://groups.google.com/g/kubernetes-security-announce/c/81c0BHkKNt0
Пакеты
k8s.io/kubernetes
< 1.27.16
1.27.16
k8s.io/kubernetes
>= 1.28.0, < 1.28.12
1.28.12
k8s.io/kubernetes
>= 1.29.0, < 1.29.7
1.29.7
k8s.io/kubernetes
>= 1.30.0, < 1.30.3
1.30.3
Связанные уязвимости
A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.
A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.
A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.
A security issue was discovered in Kubernetes clusters with Windows no ...
Уязвимость утилиты kubelet программного средства управления кластерами виртуальных машин Kubernetes для операционных систем Windows, связанная с некорректно используемыми стандартными разрешениями, позволяющая нарушителю изменить информацию, хранящуюся в журналах контейнеров