CVE-2018-1002105

Severity

75%

Complexity

99%

Confidentiality

106%

In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection.

In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection.

CVSS 3.0 Base Score 9.8. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

First reported 6 years ago

2018-12-05 21:29:00

Last updated 5 years ago

2019-06-28 21:15:00

Affected Software

Kubernetes 1.9.12 Beta 0

1.9.12

Red Hat OpenShift Container Platform 3.2

3.2

Red Hat OpenShift Container Platform 3.3

3.3

Red Hat OpenShift Container Platform 3.4

3.4

Red Hat OpenShift Container Platform 3.5

3.5

Red Hat OpenShift Container Platform 3.6

3.6

Red Hat OpenShift Container Platform 3.8

3.8

Red Hat OpenShift Container Platform 3.10

3.10

Red Hat OpenShift Container Platform 3.11

3.11

NetApp Trident

References

openSUSE-SU-2020:0554

[oss-security] 20190628 Re: linux-distros membership application - Microsoft

[oss-security] 20190706 Re: linux-distros membership application - Microsoft

[oss-security] 20190706 Re: linux-distros membership application - Microsoft

106068

Third Party Advisory, VDB Entry

RHSA-2018:3537

Third Party Advisory

RHSA-2018:3549

Third Party Advisory

RHSA-2018:3551

Third Party Advisory

RHSA-2018:3598

Third Party Advisory

RHSA-2018:3624

Third Party Advisory

RHSA-2018:3742

Third Party Advisory

RHSA-2018:3752

Third Party Advisory

RHSA-2018:3754

Third Party Advisory

https://github.com/evict/poc_CVE-2018-1002105

Exploit, Third Party Advisory

https://github.com/kubernetes/kubernetes/issues/71411

Issue Tracking, Mitigation, Patch, Third Party Advisory

https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88

Mailing List, Third Party Advisory

https://security.netapp.com/advisory/ntap-20190416-0001/

Third Party Advisory

https://www.coalfire.com/The-Coalfire-Blog/December-2018/Kubernetes-Vulnerability-What-You-Can-Should-Do

Mitigation, Third Party Advisory

46052

Exploit, Third Party Advisory, VDB Entry

46053

Exploit, Third Party Advisory, VDB Entry

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.