CVE-2024-9042 — Improper Input Validation in Kubernetes

CWE-20 — Improper Input Validation CWE-77 — Command Injection CWE-78 — OS Command Injection9 documents8 sources

Severity

5.9MEDIUMNVD

EPSS

0.3%

top 42.84%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

K8s.io Kubernetes Kubernetes Kubelet

Timeline

PublishedMar 13

Latest updateDec 11

Description

This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the affected versions listed below.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:NExploitability: 0.7 | Impact: 5.2

Affected Packages2 packages

▶Gok8s.io/kubernetes1.30.0-alpha.0 — 1.30.9+3

▶CVEListV5kubernetes/kubeletv1.30 — v1.30.8+3

🔴Vulnerability Details

OSV

Kubernetes allows Command Injection affecting Windows nodes via nodes/*/logs/query API in k8s.io/kubernetes↗2025-03-25

▶

GHSA

Kubernetes allows Command Injection affecting Windows nodes via nodes/*/logs/query API↗2025-03-13

▶

CVEList

CVE-2024-9042: This CVE affects only Windows worker nodes↗2025-03-13

▶

OSV

Kubernetes allows Command Injection affecting Windows nodes via nodes/*/logs/query API↗2025-03-13

▶

🔍Detection Rules

Suricata

ET WEB_SERVER Kubernetes NodeLogQuery Command Injection (CVE-2024-9042)↗2025-12-11

▶

📋Vendor Advisories

Microsoft

This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the affected versions listed below.↗2025-03-11

▶

Red Hat

kubelet: Command Injection affecting Windows nodes via nodes/*/logs/query API↗2025-01-15

▶

Debian

CVE-2024-9042: kubernetes - This CVE affects only Windows worker nodes. Your worker node is vulnerable to th...↗2024

▶