
We found results for “”
CVE-2024-5321
Good to know:

Date: July 18, 2024
A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.
Language: Go
Severity Score
Related Resources (10)
Severity Score
Weakness Type (CWE)
Incorrect Default Permissions
CWE-276Top Fix

Upgrade Version
Upgrade to version k8s.io/kubernetes - v1.27.16;k8s.io/kubernetes - v1.28.12;k8s.io/kubernetes - v1.29.7;k8s.io/kubernetes - v1.30.3
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | LOCAL |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | LOW |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | HIGH |
Integrity (I): | LOW |
Availability (A): | NONE |