Kubernetes Security Issue (CVE-2019-11249)
|
Información sobre el sistema
|
|
|
Software afectado |
AmazonWS |
Descripción
|
Last Updated: August 15, 2019 9:00AM PDT CVE Identifier: CVE-2019-11249 AWS is aware of a security issue (CVE-2019-11249) which resolves incomplete fixes for CVE-2019-1002101 and CVE-2019-11246. Like the aforementioned CVEs, the issue is in the Kubernetes kubectl tool that could allow a malicious container to replace or create files on a users workstation. If a user were to run an untrusted container containing a malicious version of the tar command and execute the kubectl cp operation, the
More info:
https://aws.amazon.com/security/security-bulletins/AWS-2019-007/ |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2019-11249 ,CVE-2019-1002101 and CVE-2019-11246. |