Kubernetes Privilege Escalation

GHSA-2jx2-76rc-2v7v · CVE-2017-1000056 · GO-2023-1492

Published May 12, 2021 · Modified Aug 20, 2024

Description

Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object.

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2017-1000056
WEB https://github.com/kubernetes/kubernetes/issues/43459
WEB https://github.com/kubernetes/kubernetes/commit/7fef0a4f6a44ea36f166c39fdade5324eff2dd5e
PACKAGE https://github.com/kubernetes/kubernetes

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes