Kubernetes CVE-2018-1002101 Command Injection Vulnerability
BID:106238
CVE-2018-1002101 |Info
Kubernetes CVE-2018-1002101 Command Injection Vulnerability
| Bugtraq ID: | 106238 |
| Class: | Unknown |
| CVE: |
CVE-2018-1002101 |
| Remote: | No |
| Local: | Yes |
| Published: | Dec 05 2018 12:00AM |
| Updated: | Dec 05 2018 12:00AM |
| Credit: | The vendor reported this issue. |
| Vulnerable: |
Kubernetes Kubernetes 1.11.1 Kubernetes Kubernetes 1.11 Kubernetes Kubernetes 1.10.5 Kubernetes Kubernetes 1.10.4 Kubernetes Kubernetes 1.10.3 Kubernetes Kubernetes 1.10.2 Kubernetes Kubernetes 1.10.1 Kubernetes Kubernetes 1.10 Kubernetes Kubernetes 1.9.9 Kubernetes Kubernetes 1.9.8 Kubernetes Kubernetes 1.9.7 Kubernetes Kubernetes 1.9.6 Kubernetes Kubernetes 1.9.5 Kubernetes Kubernetes 1.9.4 Kubernetes Kubernetes 1.9.3 Kubernetes Kubernetes 1.9.2 Kubernetes Kubernetes 1.9.1 Kubernetes Kubernetes 1.9 |
| Not Vulnerable: |
Kubernetes Kubernetes 1.12 Kubernetes Kubernetes 1.11.2 Kubernetes Kubernetes 1.10.6 Kubernetes Kubernetes 1.9.10 |
Discussion
Kubernetes CVE-2018-1002101 Command Injection Vulnerability
Kubernetes is prone to a command injection vulnerability.
An attacker may exploit this issue to inject and execute arbitrary commands with SYSTEM user privileges; this may aid in further attacks.
The following versions are vulnerable:
Kubernetes 1.9.0 through 1.9.9
Kubernetes 1.10.0 through 1.10.5
Kubernetes 1.11.0 and 1.11.1
Kubernetes is prone to a command injection vulnerability.
An attacker may exploit this issue to inject and execute arbitrary commands with SYSTEM user privileges; this may aid in further attacks.
The following versions are vulnerable:
Kubernetes 1.9.0 through 1.9.9
Kubernetes 1.10.0 through 1.10.5
Kubernetes 1.11.0 and 1.11.1