CVE-2017-1000056CVE-2017-1000056

Affected configuration(s):

cpe:/a:kubernetes:kubernetes:1.5.0
cpe:/a:kubernetes:kubernetes:1.5.1
cpe:/a:kubernetes:kubernetes:1.5.2
cpe:/a:kubernetes:kubernetes:1.5.3
cpe:/a:kubernetes:kubernetes:1.5.4

Date published: 2017-07-17T09:18:17.750-04:00

Date last modified: 2017-08-04T10:49:29.827-04:00

CVSS Score: 7.5

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: https://github.com/kubernetes/kubernetes/issues/43459

Summary: Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.