CVE-2019-11245

In kubelet v1.13.6 and v1.14.2, containers for pods that do not specify an explicit runAsUser attempt to run as uid 0 (root) on container restart, or if the image was previously pulled to the node. If the pod specified mustRunAsNonRoot: true, the kubelet will refuse to start the container as root. If the pod did not specify mustRunAsNonRoot: true, the kubelet will run the container as uid 0.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:kubernetes:kubernetes:1.13.6:*:*:*:*:*:*:*
cpe:2.3:a:kubernetes:kubernetes:1.14.2:*:*:*:*:*:*:*

History

21 Nov 2024, 04:20

Type Values Removed Values Added
CVSS v2 : 4.6
v3 : 7.8
v2 : 4.6
v3 : 4.9
References () https://github.com/kubernetes/kubernetes/issues/78308 - Exploit, Patch, Third Party Advisory () https://github.com/kubernetes/kubernetes/issues/78308 - Exploit, Patch, Third Party Advisory
References () https://security.netapp.com/advisory/ntap-20190919-0003/ - () https://security.netapp.com/advisory/ntap-20190919-0003/ -

Information

Published : 2019-08-29 01:15

Updated : 2024-11-21 04:20


NVD link : CVE-2019-11245

Mitre link : CVE-2019-11245

CVE.ORG link : CVE-2019-11245


JSON object : View

Products Affected

kubernetes

  • kubernetes
CWE
CWE-703

Improper Check or Handling of Exceptional Conditions

CWE-264

Permissions, Privileges, and Access Controls