CVE-2024-5321 — Incorrect Default Permissions in Kubernetes

CWE-276 — Incorrect Default Permissions8 documents6 sources

Severity

6.1MEDIUMNVD

EPSS

0.1%

top 78.40%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

K8s.io Kubernetes Kubernetes

Timeline

PublishedJul 18

Latest updateJul 22

Description

A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:NExploitability: 1.8 | Impact: 4.2

Affected Packages2 packages

▶Gok8s.io/kubernetes1.28.0 — 1.28.12+3

▶CVEListV5kubernetes/kubernetes1.27.0 — 1.27.15+3

🔴Vulnerability Details

OSV

Kubernetes sets incorrect permissions on Windows containers logs in k8s.io/kubernetes↗2024-07-22

▶

CVEList

Incorrect permissions on Windows containers logs↗2024-07-18

▶

OSV

CVE-2024-5321: A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Auth↗2024-07-18

▶

OSV

Kubernetes sets incorrect permissions on Windows containers logs↗2024-07-18

▶

GHSA

Kubernetes sets incorrect permissions on Windows containers logs↗2024-07-18

▶

📋Vendor Advisories

Red Hat

kubelet: Incorrect permissions on Windows containers logs↗2024-07-18

▶

Debian

CVE-2024-5321: kubernetes - A security issue was discovered in Kubernetes clusters with Windows nodes where ...↗2024

▶