CVE-2019-11251

MEDIUM5.7EPSS 2.6%

Kubernetes kubectl cp Vulnerable to Symlink Attack

發布日:2021/5/18修改日:2024/8/21

也稱為:GHSA-6qfg-8799-r575GO-2022-0802

描述

The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be used to allow an attacker to place a nefarious file using a symlink, outside of the destination tree.

受影響套件(2)

Go/k8s.io/kubernetes>= 1.13.10, < 1.13.11
Go/k8s.io/kubernetes>= 1.13.10, < 1.13.11, >= 1.14.6, < 1.14.7, >= 1.15.3, < 1.16.0

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	MEDIUM5.7	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

參考連結(5)

ADVISORYhttps://github.com/advisories/GHSA-6qfg-8799-r575
ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2019-11251
WEBhttps://github.com/kubernetes/kubernetes/issues/87773
WEBhttps://github.com/kubernetes/kubernetes/pull/82143
WEBhttps://groups.google.com/d/msg/kubernetes-announce/YYtEFdFimZ4/nZnOezZuBgAJ