Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-11249

The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system permissions of the local user. Kubernetes affected versions include versions prior to 1.13.9, versions prior to 1.14.5, versions prior to 1.15.2, and versions 1.1, 1.2, 1.4, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12.

Published

2019-08-29T01:15:11.443

Last Modified

2024-11-21T04:20:48.223

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 6.5 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:P/A:P

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

8.6

Impact Score

4.9

Weaknesses

Type: Secondary
CWE-61
Type: Primary
CWE-22

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	kubernetes	kubernetes	≤ 1.12.10	Yes
Application	kubernetes	kubernetes	< 1.13.9	Yes
Application	kubernetes	kubernetes	< 1.14.5	Yes
Application	kubernetes	kubernetes	< 1.15.2	Yes
Application	kubernetes	kubernetes	1.12.11	Yes
Application	redhat	openshift_container_platform	3.9	Yes
Application	redhat	openshift_container_platform	3.10	Yes
Application	redhat	openshift_container_platform	3.11	Yes
Application	redhat	openshift_container_platform	4.1	Yes

References

https://access.redhat.com/errata/RHBA-2019:2794 Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHBA-2019:2816 Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHBA-2019:2824 Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2019:3239 Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHSA-2019:3811 Third Party Advisory ([email protected])
https://github.com/kubernetes/kubernetes/issues/80984 Patch, Third Party Advisory ([email protected])
https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ Patch, Third Party Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20190919-0003/ Third Party Advisory ([email protected])
https://access.redhat.com/errata/RHBA-2019:2794 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHBA-2019:2816 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHBA-2019:2824 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2019:3239 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://access.redhat.com/errata/RHSA-2019:3811 Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/kubernetes/kubernetes/issues/80984 Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://groups.google.com/d/msg/kubernetes-security-announce/vUtEcSEY6SM/v2ZZxsmtFQAJ Patch, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://security.netapp.com/advisory/ntap-20190919-0003/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)