CVE-2019-11244 Information

Feb 14, 2021 cve

Description

In Kubernetes v1.8.x-v1.14.x schema info is cached by kubectl in the location specified by –cache-dir (defaulting to $HOME/.kube/http-cache) written with world-writeable permissions (rw-rw-rw-). If –cache-dir is specified and pointed at a different location accessible to other users/groups the written files may be modified by other users/groups and disrupt the kubectl invocation.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

Reference

http://www.securityfocus.com/bid/108064 https://access.redhat.com/errata/RHSA-2019:3942 https://access.redhat.com/errata/RHSA-2020:0020 https://access.redhat.com/errata/RHSA-2020:0074 https://github.com/kubernetes/kubernetes/issues/76676 https://security.netapp.com/advisory/ntap-20190509-0002/

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

HIGH

Base Score

NONE

Base Severity

5.0

Share on: