Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
169
VMScore

CVE-2019-11244

Published: 22/04/2019 Updated: 02/10/2020
CVSS v2 Base Score: 1.9 | Impact Score: 2.9 | Exploitability Score: 3.4
CVSS v3 Base Score: 5 | Impact Score: 3.6 | Exploitability Score: 1.3
VMScore: 169
Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Kubernetes

Vulnerability Summary

In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the location specified by --cache-dir (defaulting to $HOME/.kube/http-cache), written with world-writeable permissions (rw-rw-rw-). If --cache-dir is specified and pointed at a different location accessible to other users/groups, the written files may be modified by other users/groups and disrupt the kubectl invocation.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

kubernetes kubernetes

netapp trident -

redhat openshift container platform 3.11

redhat openshift container platform 4.1

Vendor Advisories

Red Hat: Low: OpenShift Container Platform 4.1.24 openshift security update
Synopsis Low: OpenShift Container Platform 4124 openshift security update Type/Severity Security Advisory: Low Topic An update for openshift is now available for Red Hat OpenShift Container Platform 41Red Hat Product Security has rated this update as having a security impact of Low A Common Vulnerabili ...
Red Hat: Low: OpenShift Container Platform 3.11 atomic-openshift security update
Synopsis Low: OpenShift Container Platform 311 atomic-openshift security update Type/Severity Security Advisory: Low Topic An update for atomic-openshift is now available for Red Hat OpenShift Container Platform 311Red Hat Product Security has rated this update as having a security impact of Low A Commo ...
Red Hat: Low: OpenShift Container Platform 4.1 openshift-enterprise-cli-container security update
Synopsis Low: OpenShift Container Platform 41 openshift-enterprise-cli-container security update Type/Severity Security Advisory: Low Topic An update for openshift-enterprise-cli-container is now available for Red Hat OpenShift Container Platform 41Red Hat Product Security has rated this update as having ...
Red Hat: CVE-2019-11244
Impact: Low Public Date: 2019-04-22 CWE: CWE-732 Bugzilla: 1703209: CVE-2019-11244 kubernetes: Schema i ...

References

CWE-732https://github.com/kubernetes/kubernetes/issues/76676http://www.securityfocus.com/bid/108064https://security.netapp.com/advisory/ntap-20190509-0002/https://access.redhat.com/errata/RHSA-2019:3942https://access.redhat.com/errata/RHSA-2020:0020https://access.redhat.com/errata/RHSA-2020:0074https://nvd.nist.govhttps://access.redhat.com/errata/RHSA-2019:3942https://access.redhat.com/security/cve/cve-2019-11244
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook