Описание
In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using a secret, configMap, projected or downwardAPI volume can trigger deletion of arbitrary files/directories from the nodes where they are running.
This vulnerability allows containers using a secret, configMap, projected, or downwardAPI volume to trigger deletion of arbitrary files and directories on the nodes where they are running. An attacker could use this flaw to delete arbitrary file or directories on node host.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 7 | kubernetes | Will not fix | ||
| Red Hat Storage 3 | heketi | Not affected | ||
| Red Hat OpenShift Container Platform 3.3 | atomic-openshift | Fixed | RHSA-2018:0475 | 12.03.2018 |
| Red Hat OpenShift Container Platform 3.4 | atomic-openshift | Fixed | RHSA-2018:0475 | 12.03.2018 |
| Red Hat OpenShift Container Platform 3.5 | atomic-openshift | Fixed | RHSA-2018:0475 | 12.03.2018 |
| Red Hat OpenShift Container Platform 3.6 | atomic-openshift | Fixed | RHSA-2018:0475 | 12.03.2018 |
| Red Hat OpenShift Container Platform 3.7 | atomic-openshift | Fixed | RHSA-2018:0475 | 12.03.2018 |
Показывать по
Дополнительная информация
Статус:
7.1 High
CVSS3
Связанные уязвимости
In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using a secret, configMap, projected or downwardAPI volume can trigger deletion of arbitrary files/directories from the nodes where they are running.
In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to version ...
7.1 High
CVSS3