CVE-2019-15789

Sažetak

Privilege escalation vulnerability in MicroK8s allows a low privilege user with local access to obtain root access to the host by provisioning a privileged container. Fixed in MicroK8s 1.15.3.

Reference

https://discuss.kubernetes.io/t/explicit-use-of-sudo-in-microk8s-cli/7605
https://github.com/ubuntu/microk8s/pull/590
https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-15789.html
https://pulsesecurity.co.nz/advisories/microk8s-privilege-escalation

CVSS

Base:	7.2
Impact:	10.0
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

16-10-2020 - 16:29

Objavljeno

08-04-2020 - 01:15