CVE-2019-11249 — UNIX Symbolic Link (Symlink) Following in Kubernetes
Severity
6.5MEDIUMNVD
EPSS
2.8%
top 13.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 29
Latest updateMay 24
Description
The kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes runs tar inside the container to create a tar archive, copies it over the network, and kubectl unpacks it on the user’s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user’s machine when kubectl cp is called, limited only by the system …
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:NExploitability: 2.8 | Impact: 3.6
Affected Packages2 packages
Also affects: Openshift Container Platform 3.10, 3.11, 3.9, 4.1
Patches
🔴Vulnerability Details
3📋Vendor Advisories
2💬Community
2Bugzilla▶
CVE-2019-11249 kubernetes: Incomplete fixes for CVE-2019-1002101 and CVE-2019-11246, kubectl cp potential directory traversal [fedora-all]↗2019-08-06
Bugzilla▶
CVE-2019-11249 kubernetes: Incomplete fixes for CVE-2019-1002101 and CVE-2019-11246, kubectl cp potential directory traversal↗2019-08-05