CVE-2024-5321
6.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Summary
A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Kubernetes | Kubernetes | 1.27.0 <= 1.27.15 | affected |
| Kubernetes | Kubernetes | 1.28.0 <= 1.28.11 | affected |
| Kubernetes | Kubernetes | 1.29.0 <= 1.29.6 | affected |
| Kubernetes | Kubernetes | 1.30.0 <= 1.30.2 | affected |
| Kubernetes | Kubernetes | 1.27.16 | unaffected |
| Kubernetes | Kubernetes | 1.28.12 | unaffected |
| Kubernetes | Kubernetes | 1.29.7 | unaffected |
| Kubernetes | Kubernetes | 1.30.3 | unaffected |
Weaknesses
- CWE-276: CWE-276 Incorrect Default Permissions
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
CVE Program Container
Additional References
- https://github.com/kubernetes/kubernetes/issues/126161
- https://groups.google.com/g/kubernetes-security-announce/c/81c0BHkKNt0
- http://www.openwall.com/lists/oss-security/2024/07/17/3
References
- https://github.com/kubernetes/kubernetes/issues/126161
- https://groups.google.com/g/kubernetes-security-announce/c/81c0BHkKNt0
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.