Podatność CVE-2018-1002105

Podatność CVE-2018-1002105

Publikacja: 2018-12-05

Opis:

	Tytuł	Autor	Data
High	Kubernetes (Authenticated) Arbitrary Requests		26.12.2018

Typ:

(Error Handling)

Ogólna skala CVSS	Znaczenie	Łatwość wykorzystania
7.5/10	6.4/10	10/10

Affected software
Redhat -> Openshift container platform
Netapp -> Trident
Kubernetes -> Kubernetes

http://www.openwall.com/lists/oss-security/2019/06/28/2

http://www.securityfocus.com/bid/106068

https://access.redhat.com/errata/RHSA-2018:3537

https://access.redhat.com/errata/RHSA-2018:3549

https://access.redhat.com/errata/RHSA-2018:3551

https://access.redhat.com/errata/RHSA-2018:3598

https://access.redhat.com/errata/RHSA-2018:3624

https://access.redhat.com/errata/RHSA-2018:3742

https://access.redhat.com/errata/RHSA-2018:3752

https://access.redhat.com/errata/RHSA-2018:3754

https://github.com/evict/poc_CVE-2018-1002105

https://github.com/kubernetes/kubernetes/issues/71411

https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88

https://security.netapp.com/advisory/ntap-20190416-0001/

https://www.coalfire.com/The-Coalfire-Blog/December-2018/Kubernetes-Vulnerability-What-You-Can-Should-Do

https://www.exploit-db.com/exploits/46052/

https://www.exploit-db.com/exploits/46053/