CVE-2024-5321

Summary

A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.

Affected Software

VendorProductVersion RangeStatus
KubernetesKubernetes1.27.0 <= 1.27.15affected
KubernetesKubernetes1.28.0 <= 1.28.11affected
KubernetesKubernetes1.29.0 <= 1.29.6affected
KubernetesKubernetes1.30.0 <= 1.30.2affected
KubernetesKubernetes1.27.16unaffected
KubernetesKubernetes1.28.12unaffected
KubernetesKubernetes1.29.7unaffected
KubernetesKubernetes1.30.3unaffected

Weaknesses

  • CWE-276: CWE-276 Incorrect Default Permissions

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

CVE Program Container

Additional References

References