Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-1002102

Опубликовано: 05 дек. 2019
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 2.1
CVSS3: 2.6

Описание

Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts. Impacted API servers will follow the redirect as a GET request with client-certificate credentials for authenticating to the Kubelet.

РелизСтатусПримечание
bionic

DNE

devel

DNE

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-apps/noble

needs-triage

esm-infra-legacy/trusty

DNE

focal

ignored

end of standard support, was needs-triage
groovy

ignored

end of life
hirsute

ignored

end of life
impish

ignored

end of life

Показывать по

EPSS

Процентиль: 51%
0.00283
Низкий

2.1 Low

CVSS2

2.6 Low

CVSS3

Связанные уязвимости

CVSS3: 2.6
redhat
больше 5 лет назад

Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts. Impacted API servers will follow the redirect as a GET request with client-certificate credentials for authenticating to the Kubelet.

CVSS3: 2.6
nvd
больше 5 лет назад

Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts. Impacted API servers will follow the redirect as a GET request with client-certificate credentials for authenticating to the Kubelet.

CVSS3: 2.6
debian
больше 5 лет назад

Improper validation of URL redirection in the Kubernetes API server in ...

EPSS

Процентиль: 51%
0.00283
Низкий

2.1 Low

CVSS2

2.6 Low

CVSS3