Privilege escalation in Kubertenes

Published: 2018-12-04 11:54:01 | Updated: 2018-12-04
Severity High
Patch available YES
Number of vulnerabilities 1
CVE ID CVE-2018-1002105
CVSSv3 8.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CWE ID CWE-264
Exploitation vector Network
Public exploit N/A
Vulnerable software Kubernetes
Vulnerable software versions Kubernetes 1.10.10
Kubernetes 1.11.4
Kubernetes 1.12.2

Show more

Vendor URL Kubernetes

Security Advisory

1) Privilege escalation

Description

The vulnerability allows a remote attacker to gain elevated privileges on the target system.

The weakness exists due to an error when handling proxy requests. With a specially crafted request, users that are authorized to establish a connection through the Kubernetes API server to a backend server can then send arbitrary requests over the same connection directly to that backend, authenticated with the Kubernetes API server’s TLS credentials used to establish the backend connection.

Remediation

The vulnerability has been fixed in the versions 1.10.11, 1.11.5, 1.12.3, 1.13.0-rc.1.

External links

https://github.com/kubernetes/kubernetes/issues/71411

Back to List