| |
Vulnerability CVE-2019-11251
Published: 2020-02-03
Description: |
The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be used to allow an attacker to place a nefarious file using a symlink, outside of the destination tree. |
Type:
CWE-59 (Improper Link Resolution Before File Access ('Link Following'))
CVSS2 => (AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4.3/10 |
2.9/10 |
8.6/10 |
Exploit range |
Attack complexity |
Authentication |
Remote |
Medium |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
None |
Partial |
None |
References: |
https://github.com/kubernetes/kubernetes/issues/87773
https://groups.google.com/d/msg/kubernetes-announce/YYtEFdFimZ4/nZnOezZuBgAJ
|
|
|
Copyright 2024, cxsecurity.com
|
|
|