Privilege escalation vulnerability in kubernetes (rpm)ID: oval:org.secpod.oval:def:49672 | Date: (C)2018-12-07 (M)2022-10-10 |
Class: VULNERABILITY | Family: unix |
The host is installed with Kubernetes versions prior to 1.10.11, 1.11.5, and 1.12.3 and is prone to a privilege escalation vulnerability. A flaw is present in the application, which fails to handle error responses to proxied upgrade requests in the kube-apiserver. Successful exploitation allows attackers to gain elevated privileges and perform unauthorized actions.
Product: |
kubeadm |
kubelet |
kubectl |