ID CVE-2018-1002105
Summary In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection.
References
Vulnerable Configurations
  • Kubernetes 1.0.0
    cpe:2.3:a:kubernetes:kubernetes:1.0.0
  • Kubernetes 1.0.1
    cpe:2.3:a:kubernetes:kubernetes:1.0.1
  • Kubernetes 1.0.2
    cpe:2.3:a:kubernetes:kubernetes:1.0.2
  • Kubernetes 1.0.3
    cpe:2.3:a:kubernetes:kubernetes:1.0.3
  • Kubernetes 1.0.4
    cpe:2.3:a:kubernetes:kubernetes:1.0.4
  • Kubernetes 1.0.5
    cpe:2.3:a:kubernetes:kubernetes:1.0.5
  • Kubernetes 1.0.6
    cpe:2.3:a:kubernetes:kubernetes:1.0.6
  • Kubernetes 1.0.7
    cpe:2.3:a:kubernetes:kubernetes:1.0.7
  • Kubernetes 1.0.8 Beta
    cpe:2.3:a:kubernetes:kubernetes:1.0.8:beta
  • Kubernetes 1.1.0
    cpe:2.3:a:kubernetes:kubernetes:1.1.0
  • Kubernetes 1.1.0 Alpha 0
    cpe:2.3:a:kubernetes:kubernetes:1.1.0:alpha0
  • Kubernetes 1.1.0 Alpha 1
    cpe:2.3:a:kubernetes:kubernetes:1.1.0:alpha1
  • Kubernetes 1.1.0 Beta
    cpe:2.3:a:kubernetes:kubernetes:1.1.0:beta
  • Kubernetes 1.1.1
    cpe:2.3:a:kubernetes:kubernetes:1.1.1
  • Kubernetes 1.1.1 Beta
    cpe:2.3:a:kubernetes:kubernetes:1.1.1:beta
  • Kubernetes 1.1.1 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.1.1:beta0
  • Kubernetes 1.1.1 Beta 1
    cpe:2.3:a:kubernetes:kubernetes:1.1.1:beta1
  • Kubernetes 1.1.2
    cpe:2.3:a:kubernetes:kubernetes:1.1.2
  • Kubernetes 1.1.2 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.1.2:beta0
  • Kubernetes 1.1.3
    cpe:2.3:a:kubernetes:kubernetes:1.1.3
  • Kubernetes 1.1.3 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.1.3:beta0
  • Kubernetes 1.1.4
    cpe:2.3:a:kubernetes:kubernetes:1.1.4
  • Kubernetes 1.1.4 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.1.4:beta0
  • Kubernetes 1.1.5
    cpe:2.3:a:kubernetes:kubernetes:1.1.5
  • Kubernetes 1.1.5 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.1.5:beta0
  • Kubernetes 1.1.6
    cpe:2.3:a:kubernetes:kubernetes:1.1.6
  • Kubernetes 1.1.6 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.1.6:beta0
  • Kubernetes 1.1.7
    cpe:2.3:a:kubernetes:kubernetes:1.1.7
  • Kubernetes 1.1.7 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.1.7:beta0
  • Kubernetes 1.1.8
    cpe:2.3:a:kubernetes:kubernetes:1.1.8
  • Kubernetes 1.1.8 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.1.8:beta0
  • Kubernetes 1.1.9 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.1.9:beta0
  • Kubernetes 1.2.0
    cpe:2.3:a:kubernetes:kubernetes:1.2.0
  • Kubernetes 1.2.0 Alpha 0
    cpe:2.3:a:kubernetes:kubernetes:1.2.0:alpha0
  • Kubernetes 1.2.0 Alpha 1
    cpe:2.3:a:kubernetes:kubernetes:1.2.0:alpha1
  • Kubernetes 1.2.0 Alpha 2
    cpe:2.3:a:kubernetes:kubernetes:1.2.0:alpha2
  • Kubernetes 1.2.0 Alpha 3
    cpe:2.3:a:kubernetes:kubernetes:1.2.0:alpha3
  • Kubernetes 1.2.0 Alpha 4
    cpe:2.3:a:kubernetes:kubernetes:1.2.0:alpha4
  • Kubernetes 1.2.0 Alpha 5
    cpe:2.3:a:kubernetes:kubernetes:1.2.0:alpha5
  • Kubernetes 1.2.0 Alpha 6
    cpe:2.3:a:kubernetes:kubernetes:1.2.0:alpha6
  • Kubernetes 1.2.0 Alpha 7
    cpe:2.3:a:kubernetes:kubernetes:1.2.0:alpha7
  • Kubernetes 1.2.0 Alpha 8
    cpe:2.3:a:kubernetes:kubernetes:1.2.0:alpha8
  • Kubernetes 1.2.0 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.2.0:beta0
  • Kubernetes 1.2.0 Beta 1
    cpe:2.3:a:kubernetes:kubernetes:1.2.0:beta1
  • Kubernetes 1.2.1
    cpe:2.3:a:kubernetes:kubernetes:1.2.1
  • Kubernetes 1.2.1 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.2.1:beta0
  • Kubernetes 1.2.2
    cpe:2.3:a:kubernetes:kubernetes:1.2.2
  • Kubernetes 1.2.2 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.2.2:beta0
  • Kubernetes 1.2.3
    cpe:2.3:a:kubernetes:kubernetes:1.2.3
  • Kubernetes 1.2.3 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.2.3:beta0
  • Kubernetes 1.2.4
    cpe:2.3:a:kubernetes:kubernetes:1.2.4
  • Kubernetes 1.2.4 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.2.4:beta0
  • Kubernetes 1.2.5
    cpe:2.3:a:kubernetes:kubernetes:1.2.5
  • Kubernetes 1.2.5 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.2.5:beta0
  • Kubernetes 1.2.6
    cpe:2.3:a:kubernetes:kubernetes:1.2.6
  • Kubernetes 1.2.6 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.2.6:beta0
  • Kubernetes 1.2.7
    cpe:2.3:a:kubernetes:kubernetes:1.2.7
  • Kubernetes 1.2.7 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.2.7:beta0
  • Kubernetes 1.2.8 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.2.8:beta0
  • Kubernetes 1.3.0
    cpe:2.3:a:kubernetes:kubernetes:1.3.0
  • Kubernetes 1.3.0 Alpha 0
    cpe:2.3:a:kubernetes:kubernetes:1.3.0:alpha0
  • Kubernetes 1.3.0 Alpha 1
    cpe:2.3:a:kubernetes:kubernetes:1.3.0:alpha1
  • Kubernetes 1.3.0 Alpha 2
    cpe:2.3:a:kubernetes:kubernetes:1.3.0:alpha2
  • Kubernetes 1.3.0 Alpha 3
    cpe:2.3:a:kubernetes:kubernetes:1.3.0:alpha3
  • Kubernetes 1.3.0 Alpha 4
    cpe:2.3:a:kubernetes:kubernetes:1.3.0:alpha4
  • Kubernetes 1.3.0 Alpha 5
    cpe:2.3:a:kubernetes:kubernetes:1.3.0:alpha5
  • Kubernetes 1.3.0 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.3.0:beta0
  • Kubernetes 1.3.0 Beta 1
    cpe:2.3:a:kubernetes:kubernetes:1.3.0:beta1
  • Kubernetes 1.3.0 Beta 2
    cpe:2.3:a:kubernetes:kubernetes:1.3.0:beta2
  • Kubernetes 1.3.0 Beta 3
    cpe:2.3:a:kubernetes:kubernetes:1.3.0:beta3
  • Kubernetes 1.3.1
    cpe:2.3:a:kubernetes:kubernetes:1.3.1
  • Kubernetes 1.3.1 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.3.1:beta0
  • Kubernetes 1.3.1 Beta 1
    cpe:2.3:a:kubernetes:kubernetes:1.3.1:beta1
  • Kubernetes 1.3.2
    cpe:2.3:a:kubernetes:kubernetes:1.3.2
  • Kubernetes 1.3.2 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.3.2:beta0
  • Kubernetes 1.3.3
    cpe:2.3:a:kubernetes:kubernetes:1.3.3
  • Kubernetes 1.3.3 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.3.3:beta0
  • Kubernetes 1.3.4
    cpe:2.3:a:kubernetes:kubernetes:1.3.4
  • Kubernetes 1.3.4 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.3.4:beta0
  • Kubernetes 1.3.5
    cpe:2.3:a:kubernetes:kubernetes:1.3.5
  • Kubernetes 1.3.5 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.3.5:beta0
  • Kubernetes 1.3.6
    cpe:2.3:a:kubernetes:kubernetes:1.3.6
  • Kubernetes 1.3.6 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.3.6:beta0
  • Kubernetes 1.3.7
    cpe:2.3:a:kubernetes:kubernetes:1.3.7
  • Kubernetes 1.3.7 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.3.7:beta0
  • Kubernetes 1.3.8
    cpe:2.3:a:kubernetes:kubernetes:1.3.8
  • Kubernetes 1.3.8 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.3.8:beta0
  • Kubernetes 1.3.9
    cpe:2.3:a:kubernetes:kubernetes:1.3.9
  • Kubernetes 1.3.9 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.3.9:beta0
  • Kubernetes 1.3.10
    cpe:2.3:a:kubernetes:kubernetes:1.3.10
  • Kubernetes 1.3.10 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.3.10:beta0
  • Kubernetes 1.3.11 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.3.11:beta0
  • Kubernetes 1.4.0
    cpe:2.3:a:kubernetes:kubernetes:1.4.0
  • Kubernetes 1.4.0 Alpha 0
    cpe:2.3:a:kubernetes:kubernetes:1.4.0:alpha0
  • Kubernetes 1.4.0 Alpha 1
    cpe:2.3:a:kubernetes:kubernetes:1.4.0:alpha1
  • Kubernetes 1.4.0 Alpha 2
    cpe:2.3:a:kubernetes:kubernetes:1.4.0:alpha2
  • Kubernetes 1.4.0 Alpha 3
    cpe:2.3:a:kubernetes:kubernetes:1.4.0:alpha3
  • Kubernetes 1.4.0 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.4.0:beta0
  • Kubernetes 1.4.0 Beta 1
    cpe:2.3:a:kubernetes:kubernetes:1.4.0:beta1
  • Kubernetes 1.4.0 Beta 10
    cpe:2.3:a:kubernetes:kubernetes:1.4.0:beta10
  • Kubernetes 1.4.0 Beta 11
    cpe:2.3:a:kubernetes:kubernetes:1.4.0:beta11
  • Kubernetes 1.4.0 Beta 2
    cpe:2.3:a:kubernetes:kubernetes:1.4.0:beta2
  • Kubernetes 1.4.0 Beta 3
    cpe:2.3:a:kubernetes:kubernetes:1.4.0:beta3
  • Kubernetes 1.4.0 Beta 4
    cpe:2.3:a:kubernetes:kubernetes:1.4.0:beta4
  • Kubernetes 1.4.0 Beta 5
    cpe:2.3:a:kubernetes:kubernetes:1.4.0:beta5
  • Kubernetes 1.4.0 Beta 6
    cpe:2.3:a:kubernetes:kubernetes:1.4.0:beta6
  • Kubernetes 1.4.0 Beta 7
    cpe:2.3:a:kubernetes:kubernetes:1.4.0:beta7
  • Kubernetes 1.4.0 Beta 8
    cpe:2.3:a:kubernetes:kubernetes:1.4.0:beta8
  • Kubernetes 1.4.0 Beta 9
    cpe:2.3:a:kubernetes:kubernetes:1.4.0:beta9
  • Kubernetes 1.4.1
    cpe:2.3:a:kubernetes:kubernetes:1.4.1
  • Kubernetes 1.4.1 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.4.1:beta0
  • Kubernetes 1.4.1 Beta 1
    cpe:2.3:a:kubernetes:kubernetes:1.4.1:beta1
  • Kubernetes 1.4.1 Beta 2
    cpe:2.3:a:kubernetes:kubernetes:1.4.1:beta2
  • Kubernetes 1.4.2
    cpe:2.3:a:kubernetes:kubernetes:1.4.2
  • Kubernetes 1.4.2 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.4.2:beta0
  • Kubernetes 1.4.2 Beta 1
    cpe:2.3:a:kubernetes:kubernetes:1.4.2:beta1
  • Kubernetes 1.4.3
    cpe:2.3:a:kubernetes:kubernetes:1.4.3
  • Kubernetes 1.4.3 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.4.3:beta0
  • Kubernetes 1.4.4
    cpe:2.3:a:kubernetes:kubernetes:1.4.4
  • Kubernetes 1.4.4 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.4.4:beta0
  • Kubernetes 1.4.5
    cpe:2.3:a:kubernetes:kubernetes:1.4.5
  • Kubernetes 1.4.5 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.4.5:beta0
  • Kubernetes 1.4.6
    cpe:2.3:a:kubernetes:kubernetes:1.4.6
  • Kubernetes 1.4.6 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.4.6:beta0
  • Kubernetes 1.4.7
    cpe:2.3:a:kubernetes:kubernetes:1.4.7
  • Kubernetes 1.4.7 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.4.7:beta0
  • Kubernetes 1.4.8
    cpe:2.3:a:kubernetes:kubernetes:1.4.8
  • Kubernetes 1.4.8 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.4.8:beta0
  • Kubernetes 1.4.9
    cpe:2.3:a:kubernetes:kubernetes:1.4.9
  • Kubernetes 1.4.9 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.4.9:beta0
  • Kubernetes 1.4.11 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.4.11:beta0
  • Kubernetes 1.4.12
    cpe:2.3:a:kubernetes:kubernetes:1.4.12
  • Kubernetes 1.4.12 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.4.12:beta0
  • Kubernetes 1.5.0
    cpe:2.3:a:kubernetes:kubernetes:1.5.0
  • Kubernetes 1.5.0 Alpha 0
    cpe:2.3:a:kubernetes:kubernetes:1.5.0:alpha0
  • Kubernetes 1.5.0 Alpha 1
    cpe:2.3:a:kubernetes:kubernetes:1.5.0:alpha1
  • Kubernetes 1.5.0 Alpha 2
    cpe:2.3:a:kubernetes:kubernetes:1.5.0:alpha2
  • Kubernetes 1.5.0 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.5.0:beta0
  • Kubernetes 1.5.0 Beta 1
    cpe:2.3:a:kubernetes:kubernetes:1.5.0:beta1
  • Kubernetes 1.5.0 Beta 2
    cpe:2.3:a:kubernetes:kubernetes:1.5.0:beta2
  • Kubernetes 1.5.0 Beta 3
    cpe:2.3:a:kubernetes:kubernetes:1.5.0:beta3
  • Kubernetes 1.5.1
    cpe:2.3:a:kubernetes:kubernetes:1.5.1
  • Kubernetes 1.5.1 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.5.1:beta0
  • Kubernetes 1.5.2
    cpe:2.3:a:kubernetes:kubernetes:1.5.2
  • Kubernetes 1.5.2 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.5.2:beta0
  • Kubernetes 1.5.3
    cpe:2.3:a:kubernetes:kubernetes:1.5.3
  • Kubernetes 1.5.3 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.5.3:beta0
  • Kubernetes 1.5.4
    cpe:2.3:a:kubernetes:kubernetes:1.5.4
  • Kubernetes 1.5.4 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.5.4:beta0
  • Kubernetes 1.5.5
    cpe:2.3:a:kubernetes:kubernetes:1.5.5
  • Kubernetes 1.5.5 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.5.5:beta0
  • Kubernetes 1.5.6
    cpe:2.3:a:kubernetes:kubernetes:1.5.6
  • Kubernetes 1.5.6 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.5.6:beta0
  • Kubernetes 1.5.7
    cpe:2.3:a:kubernetes:kubernetes:1.5.7
  • Kubernetes 1.5.7 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.5.7:beta0
  • Kubernetes 1.5.8
    cpe:2.3:a:kubernetes:kubernetes:1.5.8
  • Kubernetes 1.5.8 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.5.8:beta0
  • Kubernetes 1.5.9
    cpe:2.3:a:kubernetes:kubernetes:1.5.9
  • Kubernetes 1.5.9 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.5.9:beta0
  • Kubernetes 1.6.0
    cpe:2.3:a:kubernetes:kubernetes:1.6.0
  • Kubernetes 1.6.0 Alpha 0
    cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha0
  • Kubernetes 1.6.0 Alpha 1
    cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha1
  • Kubernetes 1.6.0 Alpha 2
    cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha2
  • Kubernetes 1.6.0 Alpha 3
    cpe:2.3:a:kubernetes:kubernetes:1.6.0:alpha3
  • Kubernetes 1.6.0 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta0
  • Kubernetes 1.6.0 Beta 1
    cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta1
  • Kubernetes 1.6.0 Beta 2
    cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta2
  • Kubernetes 1.6.0 Beta 3
    cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta3
  • Kubernetes 1.6.0 Beta 4
    cpe:2.3:a:kubernetes:kubernetes:1.6.0:beta4
  • Kubernetes 1.6.0 Release Candidate 1
    cpe:2.3:a:kubernetes:kubernetes:1.6.0:rc1
  • Kubernetes 1.6.1
    cpe:2.3:a:kubernetes:kubernetes:1.6.1
  • Kubernetes 1.6.1 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.6.1:beta0
  • Kubernetes 1.6.2
    cpe:2.3:a:kubernetes:kubernetes:1.6.2
  • Kubernetes 1.6.2 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.6.2:beta0
  • Kubernetes 1.6.3
    cpe:2.3:a:kubernetes:kubernetes:1.6.3
  • Kubernetes 1.6.3 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.6.3:beta0
  • Kubernetes 1.6.3 Beta 1
    cpe:2.3:a:kubernetes:kubernetes:1.6.3:beta1
  • Kubernetes 1.6.4
    cpe:2.3:a:kubernetes:kubernetes:1.6.4
  • Kubernetes 1.6.4 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.6.4:beta0
  • Kubernetes 1.6.4 Beta 1
    cpe:2.3:a:kubernetes:kubernetes:1.6.4:beta1
  • Kubernetes 1.6.5
    cpe:2.3:a:kubernetes:kubernetes:1.6.5
  • Kubernetes 1.6.5 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.6.5:beta0
  • Kubernetes 1.6.6
    cpe:2.3:a:kubernetes:kubernetes:1.6.6
  • Kubernetes 1.6.6 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.6.6:beta0
  • Kubernetes 1.6.7
    cpe:2.3:a:kubernetes:kubernetes:1.6.7
  • Kubernetes 1.6.7 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.6.7:beta0
  • Kubernetes 1.6.8
    cpe:2.3:a:kubernetes:kubernetes:1.6.8
  • Kubernetes 1.6.8 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.6.8:beta0
  • Kubernetes 1.6.9
    cpe:2.3:a:kubernetes:kubernetes:1.6.9
  • Kubernetes 1.6.9 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.6.9:beta0
  • Kubernetes 1.6.10
    cpe:2.3:a:kubernetes:kubernetes:1.6.10
  • Kubernetes 1.6.10 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.6.10:beta0
  • Kubernetes 1.6.11
    cpe:2.3:a:kubernetes:kubernetes:1.6.11
  • Kubernetes 1.6.11 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.6.11:beta0
  • Kubernetes 1.6.12
    cpe:2.3:a:kubernetes:kubernetes:1.6.12
  • Kubernetes 1.6.12 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.6.12:beta0
  • Kubernetes 1.6.13
    cpe:2.3:a:kubernetes:kubernetes:1.6.13
  • Kubernetes 1.6.13 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.6.13:beta0
  • Kubernetes 1.6.14
    cpe:2.3:a:kubernetes:kubernetes:1.6.14
  • Kubernetes 1.6.14 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.6.14:beta0
  • Kubernetes 1.7.0
    cpe:2.3:a:kubernetes:kubernetes:1.7.0
  • Kubernetes 1.7.0 Alpha 0
    cpe:2.3:a:kubernetes:kubernetes:1.7.0:alpha0
  • Kubernetes 1.7.0 Alpha 1
    cpe:2.3:a:kubernetes:kubernetes:1.7.0:alpha1
  • Kubernetes 1.7.0 Alpha 2
    cpe:2.3:a:kubernetes:kubernetes:1.7.0:alpha2
  • Kubernetes 1.7.0 Alpha 3
    cpe:2.3:a:kubernetes:kubernetes:1.7.0:alpha3
  • Kubernetes 1.7.0 Alpha 4
    cpe:2.3:a:kubernetes:kubernetes:1.7.0:alpha4
  • Kubernetes 1.7.0 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.7.0:beta0
  • Kubernetes 1.7.0 Beta 1
    cpe:2.3:a:kubernetes:kubernetes:1.7.0:beta1
  • Kubernetes 1.7.0 Beta 2
    cpe:2.3:a:kubernetes:kubernetes:1.7.0:beta2
  • Kubernetes 1.7.0 Beta 3
    cpe:2.3:a:kubernetes:kubernetes:1.7.0:beta3
  • Kubernetes 1.7.0 Release Candidate 1
    cpe:2.3:a:kubernetes:kubernetes:1.7.0:rc1
  • Kubernetes 1.7.1
    cpe:2.3:a:kubernetes:kubernetes:1.7.1
  • Kubernetes 1.7.1 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.7.1:beta0
  • Kubernetes 1.7.2
    cpe:2.3:a:kubernetes:kubernetes:1.7.2
  • Kubernetes 1.7.2 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.7.2:beta0
  • Kubernetes 1.7.3
    cpe:2.3:a:kubernetes:kubernetes:1.7.3
  • Kubernetes 1.7.3 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.7.3:beta0
  • Kubernetes 1.7.4
    cpe:2.3:a:kubernetes:kubernetes:1.7.4
  • Kubernetes 1.7.4 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.7.4:beta0
  • Kubernetes 1.7.5
    cpe:2.3:a:kubernetes:kubernetes:1.7.5
  • Kubernetes 1.7.5 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.7.5:beta0
  • Kubernetes 1.7.6
    cpe:2.3:a:kubernetes:kubernetes:1.7.6
  • Kubernetes 1.7.6 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.7.6:beta0
  • Kubernetes 1.7.7
    cpe:2.3:a:kubernetes:kubernetes:1.7.7
  • Kubernetes 1.7.7 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.7.7:beta0
  • Kubernetes 1.7.8
    cpe:2.3:a:kubernetes:kubernetes:1.7.8
  • Kubernetes 1.7.8 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.7.8:beta0
  • Kubernetes 1.7.9
    cpe:2.3:a:kubernetes:kubernetes:1.7.9
  • Kubernetes 1.7.9 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.7.9:beta0
  • Kubernetes 1.7.10
    cpe:2.3:a:kubernetes:kubernetes:1.7.10
  • Kubernetes 1.7.10 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.7.10:beta0
  • Kubernetes 1.7.11
    cpe:2.3:a:kubernetes:kubernetes:1.7.11
  • Kubernetes 1.7.11 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.7.11:beta0
  • Kubernetes 1.7.12
    cpe:2.3:a:kubernetes:kubernetes:1.7.12
  • Kubernetes 1.7.12 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.7.12:beta0
  • Kubernetes 1.7.13
    cpe:2.3:a:kubernetes:kubernetes:1.7.13
  • Kubernetes 1.7.13 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.7.13:beta0
  • Kubernetes 1.7.14
    cpe:2.3:a:kubernetes:kubernetes:1.7.14
  • Kubernetes 1.7.14 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.7.14:beta0
  • Kubernetes 1.7.15
    cpe:2.3:a:kubernetes:kubernetes:1.7.15
  • Kubernetes 1.7.15 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.7.15:beta0
  • Kubernetes 1.7.16
    cpe:2.3:a:kubernetes:kubernetes:1.7.16
  • Kubernetes 1.7.16 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.7.16:beta0
  • Kubernetes 1.7.17
    cpe:2.3:a:kubernetes:kubernetes:1.7.17
  • Kubernetes 1.7.17 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.7.17:beta0
  • Kubernetes 1.8.0
    cpe:2.3:a:kubernetes:kubernetes:1.8.0
  • Kubernetes 1.8.0 Alpha 0
    cpe:2.3:a:kubernetes:kubernetes:1.8.0:alpha0
  • Kubernetes 1.8.0 Alpha 1
    cpe:2.3:a:kubernetes:kubernetes:1.8.0:alpha1
  • Kubernetes 1.8.0 Alpha 2
    cpe:2.3:a:kubernetes:kubernetes:1.8.0:alpha2
  • Kubernetes 1.8.0 Alpha 3
    cpe:2.3:a:kubernetes:kubernetes:1.8.0:alpha3
  • Kubernetes 1.8.0 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.8.0:beta0
  • Kubernetes 1.8.0 Beta 1
    cpe:2.3:a:kubernetes:kubernetes:1.8.0:beta1
  • Kubernetes 1.8.0 Release Candidate 1
    cpe:2.3:a:kubernetes:kubernetes:1.8.0:rc1
  • Kubernetes 1.8.1
    cpe:2.3:a:kubernetes:kubernetes:1.8.1
  • Kubernetes 1.8.1 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.8.1:beta0
  • Kubernetes 1.8.2
    cpe:2.3:a:kubernetes:kubernetes:1.8.2
  • Kubernetes 1.8.2 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.8.2:beta0
  • Kubernetes 1.8.3
    cpe:2.3:a:kubernetes:kubernetes:1.8.3
  • Kubernetes 1.8.3 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.8.3:beta0
  • Kubernetes 1.8.4
    cpe:2.3:a:kubernetes:kubernetes:1.8.4
  • Kubernetes 1.8.4 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.8.4:beta0
  • Kubernetes 1.8.5
    cpe:2.3:a:kubernetes:kubernetes:1.8.5
  • Kubernetes 1.8.5 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.8.5:beta0
  • Kubernetes 1.8.6
    cpe:2.3:a:kubernetes:kubernetes:1.8.6
  • Kubernetes 1.8.6 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.8.6:beta0
  • Kubernetes 1.8.7
    cpe:2.3:a:kubernetes:kubernetes:1.8.7
  • Kubernetes 1.8.7 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.8.7:beta0
  • Kubernetes 1.8.8
    cpe:2.3:a:kubernetes:kubernetes:1.8.8
  • Kubernetes 1.8.8 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.8.8:beta0
  • Kubernetes 1.8.9
    cpe:2.3:a:kubernetes:kubernetes:1.8.9
  • Kubernetes 1.8.9 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.8.9:beta0
  • Kubernetes 1.8.10
    cpe:2.3:a:kubernetes:kubernetes:1.8.10
  • Kubernetes 1.8.10 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.8.10:beta0
  • Kubernetes 1.8.11
    cpe:2.3:a:kubernetes:kubernetes:1.8.11
  • Kubernetes 1.8.11 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.8.11:beta0
  • Kubernetes 1.8.12
    cpe:2.3:a:kubernetes:kubernetes:1.8.12
  • Kubernetes 1.8.12 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.8.12:beta0
  • Kubernetes 1.8.13
    cpe:2.3:a:kubernetes:kubernetes:1.8.13
  • Kubernetes 1.8.13 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.8.13:beta0
  • Kubernetes 1.8.14
    cpe:2.3:a:kubernetes:kubernetes:1.8.14
  • Kubernetes 1.8.14 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.8.14:beta0
  • Kubernetes 1.8.15
    cpe:2.3:a:kubernetes:kubernetes:1.8.15
  • Kubernetes 1.8.15 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.8.15:beta0
  • Kubernetes 1.8.16 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.8.16:beta0
  • Kubernetes 1.9.0
    cpe:2.3:a:kubernetes:kubernetes:1.9.0
  • Kubernetes 1.9.0 Alpha 0
    cpe:2.3:a:kubernetes:kubernetes:1.9.0:alpha0
  • Kubernetes 1.9.0 Alpha 1
    cpe:2.3:a:kubernetes:kubernetes:1.9.0:alpha1
  • Kubernetes 1.9.0 Alpha 2
    cpe:2.3:a:kubernetes:kubernetes:1.9.0:alpha2
  • Kubernetes 1.9.0 Alpha 3
    cpe:2.3:a:kubernetes:kubernetes:1.9.0:alpha3
  • Kubernetes 1.9.0 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.9.0:beta0
  • Kubernetes 1.9.0 Beta 1
    cpe:2.3:a:kubernetes:kubernetes:1.9.0:beta1
  • Kubernetes 1.9.0 Beta 2
    cpe:2.3:a:kubernetes:kubernetes:1.9.0:beta2
  • Kubernetes 1.9.1
    cpe:2.3:a:kubernetes:kubernetes:1.9.1
  • Kubernetes 1.9.1 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.9.1:beta0
  • Kubernetes 1.9.2
    cpe:2.3:a:kubernetes:kubernetes:1.9.2
  • Kubernetes 1.9.2 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.9.2:beta0
  • Kubernetes 1.9.3
    cpe:2.3:a:kubernetes:kubernetes:1.9.3
  • Kubernetes 1.9.3 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.9.3:beta0
  • Kubernetes 1.9.4
    cpe:2.3:a:kubernetes:kubernetes:1.9.4
  • Kubernetes 1.9.4 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.9.4:beta0
  • Kubernetes 1.9.5
    cpe:2.3:a:kubernetes:kubernetes:1.9.5
  • Kubernetes 1.9.5 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.9.5:beta0
  • Kubernetes 1.9.6
    cpe:2.3:a:kubernetes:kubernetes:1.9.6
  • Kubernetes 1.9.6 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.9.6:beta0
  • Kubernetes 1.9.7
    cpe:2.3:a:kubernetes:kubernetes:1.9.7
  • Kubernetes 1.9.7 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.9.7:beta0
  • Kubernetes 1.9.8
    cpe:2.3:a:kubernetes:kubernetes:1.9.8
  • Kubernetes 1.9.8 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.9.8:beta0
  • Kubernetes 1.9.9
    cpe:2.3:a:kubernetes:kubernetes:1.9.9
  • Kubernetes 1.9.9 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.9.9:beta0
  • Kubernetes 1.9.10
    cpe:2.3:a:kubernetes:kubernetes:1.9.10
  • Kubernetes 1.9.10 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.9.10:beta0
  • Kubernetes 1.9.11
    cpe:2.3:a:kubernetes:kubernetes:1.9.11
  • Kubernetes 1.9.11 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.9.11:beta0
  • Kubernetes 1.9.12 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.9.12:beta0
  • Kubernetes 1.10.0
    cpe:2.3:a:kubernetes:kubernetes:1.10.0
  • Kubernetes 1.10.0 Alpha 0
    cpe:2.3:a:kubernetes:kubernetes:1.10.0:alpha0
  • Kubernetes 1.10.0 Alpha 1
    cpe:2.3:a:kubernetes:kubernetes:1.10.0:alpha1
  • Kubernetes 1.10.0 Alpha 2
    cpe:2.3:a:kubernetes:kubernetes:1.10.0:alpha2
  • Kubernetes 1.10.0 Alpha 3
    cpe:2.3:a:kubernetes:kubernetes:1.10.0:alpha3
  • Kubernetes 1.10.0 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.10.0:beta0
  • Kubernetes 1.10.0 Beta 1
    cpe:2.3:a:kubernetes:kubernetes:1.10.0:beta1
  • Kubernetes 1.10.0 Beta 2
    cpe:2.3:a:kubernetes:kubernetes:1.10.0:beta2
  • Kubernetes 1.10.0 Beta 3
    cpe:2.3:a:kubernetes:kubernetes:1.10.0:beta3
  • Kubernetes 1.10.0 Beta 4
    cpe:2.3:a:kubernetes:kubernetes:1.10.0:beta4
  • Kubernetes 1.10.0 Release Candidate 1
    cpe:2.3:a:kubernetes:kubernetes:1.10.0:rc1
  • Kubernetes 1.10.1
    cpe:2.3:a:kubernetes:kubernetes:1.10.1
  • Kubernetes 1.10.1 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.10.1:beta0
  • Kubernetes 1.10.2
    cpe:2.3:a:kubernetes:kubernetes:1.10.2
  • Kubernetes 1.10.2 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.10.2:beta0
  • Kubernetes 1.10.3
    cpe:2.3:a:kubernetes:kubernetes:1.10.3
  • Kubernetes 1.10.3 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.10.3:beta0
  • Kubernetes 1.10.4
    cpe:2.3:a:kubernetes:kubernetes:1.10.4
  • Kubernetes 1.10.4 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.10.4:beta0
  • Kubernetes 1.10.5
    cpe:2.3:a:kubernetes:kubernetes:1.10.5
  • Kubernetes 1.10.5 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.10.5:beta0
  • Kubernetes 1.10.6
    cpe:2.3:a:kubernetes:kubernetes:1.10.6
  • Kubernetes 1.10.6 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.10.6:beta0
  • Kubernetes 1.10.7
    cpe:2.3:a:kubernetes:kubernetes:1.10.7
  • Kubernetes 1.10.7 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.10.7:beta0
  • Kubernetes 1.10.8
    cpe:2.3:a:kubernetes:kubernetes:1.10.8
  • Kubernetes 1.10.8 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.10.8:beta0
  • Kubernetes 1.10.9
    cpe:2.3:a:kubernetes:kubernetes:1.10.9
  • Kubernetes 1.10.9 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.10.9:beta0
  • Kubernetes 1.10.10
    cpe:2.3:a:kubernetes:kubernetes:1.10.10
  • Kubernetes 1.10.10 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.10.10:beta0
  • Kubernetes 1.11.0
    cpe:2.3:a:kubernetes:kubernetes:1.11.0
  • Kubernetes 1.11.0 Alpha 0
    cpe:2.3:a:kubernetes:kubernetes:1.11.0:alpha0
  • Kubernetes 1.11.0 Alpha 1
    cpe:2.3:a:kubernetes:kubernetes:1.11.0:alpha1
  • Kubernetes 1.11.0 Alpha 2
    cpe:2.3:a:kubernetes:kubernetes:1.11.0:alpha2
  • Kubernetes 1.11.0 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.11.0:beta0
  • Kubernetes 1.11.0 Beta 1
    cpe:2.3:a:kubernetes:kubernetes:1.11.0:beta1
  • Kubernetes 1.11.0 Beta 2
    cpe:2.3:a:kubernetes:kubernetes:1.11.0:beta2
  • Kubernetes 1.11.0 Release Candidate 1
    cpe:2.3:a:kubernetes:kubernetes:1.11.0:rc1
  • Kubernetes 1.11.0 Release Candidate 2
    cpe:2.3:a:kubernetes:kubernetes:1.11.0:rc2
  • Kubernetes 1.11.0 Release Candidate 3
    cpe:2.3:a:kubernetes:kubernetes:1.11.0:rc3
  • Kubernetes 1.11.1
    cpe:2.3:a:kubernetes:kubernetes:1.11.1
  • Kubernetes 1.11.1 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.11.1:beta0
  • Kubernetes 1.11.2
    cpe:2.3:a:kubernetes:kubernetes:1.11.2
  • Kubernetes 1.11.2 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.11.2:beta0
  • Kubernetes 1.11.3
    cpe:2.3:a:kubernetes:kubernetes:1.11.3
  • Kubernetes 1.11.3 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.11.3:beta0
  • Kubernetes 1.11.4
    cpe:2.3:a:kubernetes:kubernetes:1.11.4
  • Kubernetes 1.11.4 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.11.4:beta0
  • Kubernetes 1.12.0
    cpe:2.3:a:kubernetes:kubernetes:1.12.0
  • Kubernetes 1.12.0 Alpha 0
    cpe:2.3:a:kubernetes:kubernetes:1.12.0:alpha0
  • Kubernetes 1.12.0 Alpha 1
    cpe:2.3:a:kubernetes:kubernetes:1.12.0:alpha1
  • Kubernetes 1.12.0 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.12.0:beta0
  • Kubernetes 1.12.0 Beta 1
    cpe:2.3:a:kubernetes:kubernetes:1.12.0:beta1
  • Kubernetes 1.12.0 Beta 2
    cpe:2.3:a:kubernetes:kubernetes:1.12.0:beta2
  • Kubernetes 1.12.0 Release Candidate 1
    cpe:2.3:a:kubernetes:kubernetes:1.12.0:rc1
  • Kubernetes 1.12.0 Release Candidate 2
    cpe:2.3:a:kubernetes:kubernetes:1.12.0:rc2
  • Kubernetes 1.12.1
    cpe:2.3:a:kubernetes:kubernetes:1.12.1
  • Kubernetes 1.12.1 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.12.1:beta0
  • Kubernetes 1.12.2
    cpe:2.3:a:kubernetes:kubernetes:1.12.2
  • Kubernetes 1.12.2 Beta 0
    cpe:2.3:a:kubernetes:kubernetes:1.12.2:beta0
  • Red Hat OpenShift Container Platform 3.2
    cpe:2.3:a:redhat:openshift_container_platform:3.2
  • Red Hat OpenShift Container Platform 3.3
    cpe:2.3:a:redhat:openshift_container_platform:3.3
  • Red Hat OpenShift Container Platform 3.4
    cpe:2.3:a:redhat:openshift_container_platform:3.4
  • Red Hat OpenShift Container Platform 3.5
    cpe:2.3:a:redhat:openshift_container_platform:3.5
  • Red Hat OpenShift Container Platform 3.6
    cpe:2.3:a:redhat:openshift_container_platform:3.6
  • Red Hat OpenShift Container Platform 3.8
    cpe:2.3:a:redhat:openshift_container_platform:3.8
  • Red Hat OpenShift Container Platform 3.10
    cpe:2.3:a:redhat:openshift_container_platform:3.10
  • Red Hat OpenShift Container Platform 3.11
    cpe:2.3:a:redhat:openshift_container_platform:3.11
  • cpe:2.3:a:netapp:trident
    cpe:2.3:a:netapp:trident
CVSS
Base: 7.5
Impact:
Exploitability:
CWE CWE-388
CAPEC
  • Fuzzing for garnering J2EE/.NET-based stack traces, for application mapping
    An attacker sends random, malformed, or otherwise unexpected messages to a target application and observes any stack traces produced by error messages. Fuzzing techniques involve sending random or malformed messages to a target and monitoring the target's response. The attacker does not initially know how a target will respond to individual messages but by attempting a large number of message variants they may find a variant that triggers desired behavior. In this attack, the purpose of the fuzzing is to cause the targeted application to return an error including a stack trace, although fuzzing a target can also sometimes cause the target to enter an unstable state, causing a crash. The stack trace enumerates the chain of methods that led up to the point where the error was encountered. This can not only reveal the names of the methods (some of which may have known weaknesses) but possibly also the location of class files and libraries as well as parameter values. In some cases, the stack trace might even disclose sensitive configuration or user information.
  • Fuzzing
    Fuzzing is a software testing method that feeds randomly constructed input to the system and looks for an indication that a failure in response to that input has occurred. Fuzzing treats the system as a black box and is totally free from any preconceptions or assumptions about the system. An attacker can leverage fuzzing to try to identify weaknesses in the system. For instance, fuzzing can help an attacker discover certain assumptions made in the system about user input. Fuzzing gives an attacker a quick way of potentially uncovering some of these assumptions without really knowing anything about the internals of the system. These assumptions can then be turned against the system by specially crafting user input that may allow an attacker to achieve his goals.
exploit-db via4
  • file exploits/multiple/remote/46052.py
    id EDB-ID:46052
    last seen 2018-12-25
    modified 2018-12-10
    platform multiple
    port
    published 2018-12-10
    reporter Exploit-DB
    source https://www.exploit-db.com/download/46052
    title Kubernetes - (Unauthenticated) Arbitrary Requests
    type remote
  • file exploits/multiple/remote/46053.py
    id EDB-ID:46053
    last seen 2018-12-25
    modified 2018-12-10
    platform multiple
    port
    published 2018-12-10
    reporter Exploit-DB
    source https://www.exploit-db.com/download/46053
    title Kubernetes - (Authenticated) Arbitrary Requests
    type remote
nessus via4
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-2906.NASL
    description An update is now available for Red Hat OpenShift Container Platform release 3.7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Security Fix(es) : * A privilege escalation vulnerability exists in OpenShift Container Platform 3.x which allows for compromise of pods running on a compute node to which a pod is scheduled with normal user privilege. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in privileged containers. Additionally, on versions 3.6 and higher of OpenShift Container Platform, this vulnerability allows cluster-admin level access to any API hosted by an aggregated API server. This includes the 'servicecatalog' API which is installed by default in 3.7 and later. Cluster-admin level access to the service catalog allows creation of brokered services by an unauthenticated user with escalated privileges in any namespace and on any node. This could lead to an attacker being allowed to deploy malicious code, or alter existing services. (CVE-2018-1002105) * atomic-openshift: oc patch with json causes masterapi service crash (CVE-2018-14632) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Lars Haugan for reporting CVE-2018-14632. Space precludes documenting all of the bug fixes and enhancements in this advisory. 
See the following Release Notes documentation for details about these changes : https://docs.openshift.com/container-platform/3.7/release_notes/ocp_3_7_release_notes.html All OpenShift Container Platform 3.7 users are advised to upgrade to these updated packages and images.
    last seen 2019-02-21
    modified 2018-12-13
    plugin id 119406
    published 2018-12-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119406
    title RHEL 7 : OpenShift Container Platform 3.7 (RHSA-2018:2906)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-3537.NASL
    description An update is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Security Fix(es) : * A privilege escalation vulnerability exists in OpenShift Container Platform 3.x which allows for compromise of pods running on a compute node to which a pod is scheduled with normal user privilege. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in privileged containers. Additionally, on versions 3.6 and higher of OpenShift Container Platform, this vulnerability allows cluster-admin level access to any API hosted by an aggregated API server. This includes the 'servicecatalog' API which is installed by default in 3.7 and later. Cluster-admin level access to the service catalog allows creation of brokered services by an unauthenticated user with escalated privileges in any namespace and on any node. This could lead to an attacker being allowed to deploy malicious code, or alter existing services. (CVE-2018-1002105) * nodejs: Out of bounds (OOB) write via UCS-2 encoding (CVE-2018-12115) * kibana: Cross-site scripting via the source field formatter (CVE-2018-3830) Space precludes documenting all of the bug fixes and enhancements in this advisory. See the following Release Notes documentation for details about these changes : https://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html All OpenShift Container Platform 3.11 users are advised to upgrade to these updated packages and images.
    last seen 2019-02-21
    modified 2018-12-13
    plugin id 119408
    published 2018-12-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119408
    title RHEL 7 : OpenShift Container Platform 3.11 (RHSA-2018:3537)
  • NASL family Fedora Local Security Checks
    NASL id FEDORA_2018-314913636B.NASL
    description - Rebase to upstream 8de5c3442e56dbe05403990ce0821746673fd588, let's call it 3.11.1 - Fix for CVE-2018-1002105 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-03
    plugin id 120332
    published 2019-01-03
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=120332
    title Fedora 29 : origin (2018-314913636b)
  • NASL family CGI abuses
    NASL id KUBE_CVE_2018_1002105.NASL
    description A remote, unauthenticated attacker may be able to leverage API calls to escalate privileges via a proxy request handling vulnerability. Note that a successful attack requires that an API extension server is directly accessible from the Kubernetes API server's network or that a cluster has granted pod exec, attach, port-forward permissions too loosely.
    last seen 2019-02-21
    modified 2019-01-08
    plugin id 119677
    published 2018-12-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119677
    title Kubernetes proxy request handling vulnerability (CVE-2018-1002105)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-3752.NASL
    description An update is now available for Red Hat OpenShift Container Platform release 3.4. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Security Fix(es) : * A privilege escalation vulnerability exists in OpenShift Container Platform 3.x which allows for compromise of pods running on a compute node to which a pod is scheduled with normal user privilege. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in privileged containers. Additionally, on versions 3.6 and higher of OpenShift Container Platform, this vulnerability allows cluster-admin level access to any API hosted by an aggregated API server. This includes the 'servicecatalog' API which is installed by default in 3.7 and later. Cluster-admin level access to the service catalog allows creation of brokered services by an unauthenticated user with escalated privileges in any namespace and on any node. This could lead to an attacker being allowed to deploy malicious code, or alter existing services. (CVE-2018-1002105) This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.4. See the following advisory for the container images for this release : https://access.redhat.com/errata/RHBA-2018:3751 All OpenShift Container Platform 3.4 users are advised to upgrade to these updated packages and images.
    last seen 2019-02-21
    modified 2018-12-13
    plugin id 119415
    published 2018-12-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119415
    title RHEL 7 : OpenShift Container Platform 3.4 (RHSA-2018:3752)
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2018-2_0-0112_KUBERNETES.NASL
    description An update of the kubernetes package has been released.
    last seen 2019-02-08
    modified 2019-02-07
    plugin id 122010
    published 2019-02-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=122010
    title Photon OS 2.0: Kubernetes PHSA-2018-2.0-0112
  • NASL family CGI abuses
    NASL id KUBE_1_12_3.NASL
    description The version of Kubernetes installed on the remote host is version 1.x prior to 1.10.11, 1.11.x prior to 1.11.5, or 1.12.x prior to 1.12.3, and thus, is affected by a remote, unauthenticated privilege escalation vulnerability. Note that a successful attack requires that an API extension server is directly accessible from the Kubernetes API server's network or that a cluster has granted pod exec, attach, portforward permissions too loosely.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 119327
    published 2018-12-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119327
    title Kubernetes 1.x < 1.10.11 / 1.11.x < 1.11.5 / 1.12.x < 1.12.3 API Server Privilege Escalation
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-3551.NASL
    description An update is now available for Red Hat OpenShift Container Platform 3.8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Security Fix(es) : * A privilege escalation vulnerability exists in OpenShift Container Platform 3.x which allows for compromise of pods running on a compute node to which a pod is scheduled with normal user privilege. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in privileged containers. Additionally, on versions 3.6 and higher of OpenShift Container Platform, this vulnerability allows cluster-admin level access to any API hosted by an aggregated API server. This includes the 'servicecatalog' API which is installed by default in 3.7 and later. Cluster-admin level access to the service catalog allows creation of brokered services by an unauthenticated user with escalated privileges in any namespace and on any node. This could lead to an attacker being allowed to deploy malicious code, or alter existing services. (CVE-2018-1002105) This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.8.44. See the following advisory for the container images for this release : https://access.redhat.com/errata/RHBA-2018:3550 All OpenShift Container Platform 3.8 users are advised to upgrade to these updated packages.
    last seen 2019-02-21
    modified 2018-12-17
    plugin id 119410
    published 2018-12-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119410
    title RHEL 7 : OpenShift Container Platform 3.8 (RHSA-2018:3551)
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2019-1_0-0202_KUBERNETES.NASL
    description An update of the kubernetes package has been released.
    last seen 2019-02-08
    modified 2019-02-07
    plugin id 122013
    published 2019-02-07
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=122013
    title Photon OS 1.0: Kubernetes PHSA-2019-1.0-0202
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-3754.NASL
    description An update is now available for Red Hat OpenShift Container Platform release 3.3. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Security Fix(es) : * A privilege escalation vulnerability exists in OpenShift Container Platform 3.x which allows for compromise of pods running on a compute node to which a pod is scheduled with normal user privilege. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in privileged containers. Additionally, on versions 3.6 and higher of OpenShift Container Platform, this vulnerability allows cluster-admin level access to any API hosted by an aggregated API server. This includes the 'servicecatalog' API which is installed by default in 3.7 and later. Cluster-admin level access to the service catalog allows creation of brokered services by an unauthenticated user with escalated privileges in any namespace and on any node. This could lead to an attacker being allowed to deploy malicious code, or alter existing services. (CVE-2018-1002105) This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.3. See the following advisory for the container images for this release : https://access.redhat.com/errata/RHBA-2018:3753 https://docs.openshift.com/container-platform/3.3/release_notes/ocp_3_3_release_notes.html All OpenShift Container Platform 3.3 users are advised to upgrade to these updated packages and images.
    last seen 2019-02-21
    modified 2018-12-13
    plugin id 119416
    published 2018-12-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119416
    title RHEL 7 : OpenShift Container Platform 3.3 (RHSA-2018:3754)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-3598.NASL
    description An update is now available for Red Hat OpenShift Container Platform release 3.6. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments. Security Fix(es) : * A privilege escalation vulnerability exists in OpenShift Container Platform 3.x which allows for compromise of pods running on a compute node to which a pod is scheduled with normal user privilege. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in privileged containers. Additionally, on versions 3.6 and higher of OpenShift Container Platform, this vulnerability allows cluster-admin level access to any API hosted by an aggregated API server. This includes the 'servicecatalog' API which is installed by default in 3.7 and later. Cluster-admin level access to the service catalog allows creation of brokered services by an unauthenticated user with escalated privileges in any namespace and on any node. This could lead to an attacker being allowed to deploy malicious code, or alter existing services. (CVE-2018-1002105)
    last seen 2019-02-21
    modified 2018-12-13
    plugin id 119411
    published 2018-12-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119411
    title RHEL 7 : OpenShift Container Platform 3.6 (RHSA-2018:3598)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-3742.NASL
    description An update is now available for Red Hat OpenShift Container Platform 3.2. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Security Fix(es) : * A privilege escalation vulnerability exists in OpenShift Container Platform 3.x which allows for compromise of pods running on a compute node to which a pod is scheduled with normal user privilege. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in privileged containers. Additionally, on versions 3.6 and higher of OpenShift Container Platform, this vulnerability allows cluster-admin level access to any API hosted by an aggregated API server. This includes the 'servicecatalog' API which is installed by default in 3.7 and later. Cluster-admin level access to the service catalog allows creation of brokered services by an unauthenticated user with escalated privileges in any namespace and on any node. This could lead to an attacker being allowed to deploy malicious code, or alter existing services. (CVE-2018-1002105) This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.2.z. See the following advisory for the container images for this release : https://access.redhat.com/errata/RHBA-2018:3741 All OpenShift Container Platform 3.2 users are advised to upgrade to these updated packages and images.
    last seen 2019-02-21
    modified 2018-12-13
    plugin id 119414
    published 2018-12-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119414
    title RHEL 7 : OpenShift Container Platform 3.2 (RHSA-2018:3742)
  • NASL family Misc.
    NASL id RANCHER_2_1_3.NASL
    description The version of a Docker container of Rancher is prior to 1.6.25, 2.0.9, or 2.1.3 and, thus, is affected by a proxy request handling flaw contained in Kubernetes. A remote, unauthenticated attacker may be able to leverage API calls to escalate privileges via a proxy request handling vulnerability. Note that a successful attack requires that an API extension server is directly accessible from the Kubernetes API server's network or that a cluster has granted pod exec, attach, port-forward permissions too loosely.
    last seen 2019-02-21
    modified 2018-12-19
    plugin id 119779
    published 2018-12-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119779
    title Rancher < 1.6.25 / 2.0.9 / 2.1.3 Kubernetes Proxy Request Handling Vulnerability
  • NASL family PhotonOS Local Security Checks
    NASL id PHOTONOS_PHSA-2018-2_0-0112.NASL
    description An update of 'kubernetes' packages of Photon OS has been released.
    last seen 2019-02-08
    modified 2019-02-07
    plugin id 119753
    published 2018-12-18
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119753
    title Photon OS 2.0: Kubernetes PHSA-2018-2.0-0112 (deprecated)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-2908.NASL
    description An update is now available for Red Hat OpenShift Container Platform 3.9. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Security fix(es) : * A privilege escalation vulnerability exists in OpenShift Container Platform 3.x which allows for compromise of pods running on a compute node to which a pod is scheduled with normal user privilege. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in privileged containers. Additionally, on versions 3.6 and higher of OpenShift Container Platform, this vulnerability allows cluster-admin level access to any API hosted by an aggregated API server. This includes the 'servicecatalog' API which is installed by default in 3.7 and later. Cluster-admin level access to the service catalog allows creation of brokered services by an unauthenticated user with escalated privileges in any namespace and on any node. This could lead to an attacker being allowed to deploy malicious code, or alter existing services. (CVE-2018-1002105) * atomic-openshift: oc patch with json causes masterapi service crash (CVE-2018-14632) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section. Red Hat would like to thank Lars Haugan for reporting CVE-2018-14632. Space precludes documenting all of the bug fixes and enhancements in this advisory. 
See the following Release Notes documentation for details about these changes : https://docs.openshift.com/container-platform/3.9/release_notes/ocp_3_9_release_notes.html This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.9.51. See the following advisory for the container images for this release : https://access.redhat.com/errata/RHBA-2018:2907 All OpenShift Container Platform 3.9 users are advised to upgrade to these updated packages and images.
    last seen 2019-02-21
    modified 2018-12-13
    plugin id 119407
    published 2018-12-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119407
    title RHEL 7 : OpenShift Container Platform 3.9 (RHSA-2018:2908)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-3549.NASL
    description An update is now available for Red Hat OpenShift Container Platform 3.10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Security Fix(es) : * A privilege escalation vulnerability exists in OpenShift Container Platform 3.x which allows for compromise of pods running on a compute node to which a pod is scheduled with normal user privilege. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in privileged containers. Additionally, on versions 3.6 and higher of OpenShift Container Platform, this vulnerability allows cluster-admin level access to any API hosted by an aggregated API server. This includes the 'servicecatalog' API which is installed by default in 3.7 and later. Cluster-admin level access to the service catalog allows creation of brokered services by an unauthenticated user with escalated privileges in any namespace and on any node. This could lead to an attacker being allowed to deploy malicious code, or alter existing services. (CVE-2018-1002105)
    last seen 2019-02-21
    modified 2018-12-13
    plugin id 119409
    published 2018-12-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119409
    title RHEL 7 : OpenShift Container Platform 3.10 (RHSA-2018:3549)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2018-3624.NASL
    description An update is now available for Red Hat OpenShift Container Platform release 3.5. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Security Fix(es) : * A privilege escalation vulnerability exists in OpenShift Container Platform 3.x which allows for compromise of pods running on a compute node to which a pod is scheduled with normal user privilege. This access could include access to all secrets, pods, environment variables, running pod/container processes, and persistent volumes, including in privileged containers. Additionally, on versions 3.6 and higher of OpenShift Container Platform, this vulnerability allows cluster-admin level access to any API hosted by an aggregated API server. This includes the 'servicecatalog' API which is installed by default in 3.7 and later. Cluster-admin level access to the service catalog allows creation of brokered services by an unauthenticated user with escalated privileges in any namespace and on any node. This could lead to an attacker being allowed to deploy malicious code, or alter existing services. (CVE-2018-1002105) Space precludes documenting all of the bug fixes and enhancements in this advisory. See the following Release Notes documentation for details about these changes : https://docs.openshift.com/container-platform/3.5/release_notes/ocp_3_5_release_notes.html All OpenShift Container Platform 3.5 users are advised to upgrade to these updated packages and images.
    last seen 2019-02-21
    modified 2018-12-13
    plugin id 119412
    published 2018-12-04
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=119412
    title RHEL 7 : OpenShift Container Platform 3.5 (RHSA-2018:3624)
redhat via4
advisories
  • rhsa
    id RHSA-2018:3537
  • rhsa
    id RHSA-2018:3549
  • rhsa
    id RHSA-2018:3551
  • rhsa
    id RHSA-2018:3598
  • rhsa
    id RHSA-2018:3624
  • rhsa
    id RHSA-2018:3742
  • rhsa
    id RHSA-2018:3752
  • rhsa
    id RHSA-2018:3754
refmap via4
bid 106068
confirm
exploit-db
  • 46052
  • 46053
misc
Last major update 05-12-2018 - 16:29
Published 05-12-2018 - 16:29
Last modified 25-04-2019 - 09:22