From 07d47499a74571f660965125129d299eb2a2d03e Mon Sep 17 00:00:00 2001
From: Jordan Liggitt
Date: Fri, 30 Nov 2018 10:34:30 -0500
Subject: [PATCH] CVE-2018-1002105
---
 2018/1002xxx/CVE-2018-1002105.json | 147 +++++++++++++++++++++++++----
 1 file changed, 131 insertions(+), 16 deletions(-)
diff --git a/2018/1002xxx/CVE-2018-1002105.json b/2018/1002xxx/CVE-2018-1002105.json
index 6b7f2c91e66..428630da64b 100644
--- a/2018/1002xxx/CVE-2018-1002105.json
+++ b/2018/1002xxx/CVE-2018-1002105.json
@@ -1,21 +1,136 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
- "CVE_data_meta": {
- "DATE_ASSIGNED": "2018-11-05",
- "STATE": "RESERVED",
- "ID": "CVE-2018-1002105",
- "ASSIGNER": "jordan@liggitt.net"
- },
- "description": {
- "description_data" : [
+ "CVE_data_meta": {
+ "ASSIGNER": "jordan@liggitt.net",
+ "DATE_ASSIGNED": "2018-11-05",
+ "ID": "CVE-2018-1002105",
+ "STATE": "PUBLIC"
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "affects": {
+ "vendor": {
+ "vendor_data": [
 {
- "lang" : "eng",
- "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Kubernetes",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "v1.0.x"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "v1.1.x"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "v1.2.x"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "v1.3.x"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "v1.4.x"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "v1.5.x"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "v1.6.x"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "v1.7.x"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "v1.8.x"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "v1.9.x"
+ },
+ {
+ "version_affected": "<",
+ "version_value": "v1.10.11"
+ },
+ {
+ "version_affected": "<",
+ "version_value": "v1.11.5"
+ },
+ {
+ "version_affected": "<",
+ "version_value": "v1.12.3"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "Kubernetes"
 }
 ]
 }
- }
-
-
\ No newline at end of file
+ },
+ "credit": [
+ "Reported by Darren Shepherd"
+ ],
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection."
+ }
+ ]
+ },
+ "impact": {
+ "cvss": {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 9.8,
+ "baseSeverity": "CRITICAL",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+ "version": "3.0"
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Unchecked Error Condition"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88",
+ "refsource": "CONFIRM",
+ "url": "https://groups.google.com/forum/#!topic/kubernetes-announce/GVllWCg6L88"
+ },
+ {
+ "name": "https://github.com/kubernetes/kubernetes/issues/71411",
+ "refsource": "CONFIRM",
+ "url": "https://github.com/kubernetes/kubernetes/issues/71411"
+ }
+ ]
+ }
+}
\ No newline at end of file
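Review bot: The three `"version_affected": "<"` entries in `version_data` (`v1.10.11`, `v1.11.5`, `v1.12.3`) carry no lower bound, so a consumer that evaluates each entry on its own will report the fixed releases v1.10.11 and v1.11.5 as affected, because both sort below v1.12.3. Tying each bound to its release line would remove that ambiguity, for example `"version_name": "1.12", "version_affected": "<", "version_value": "v1.12.3"`, if the record format in use accepts that field. The `"="` entries for `v1.0.x` through `v1.9.x` have a related matching problem: `=` reads as an exact comparison while `v1.0.x` is a pattern rather than a version, so automated matchers may match nothing; worth confirming against the tooling that ingests these records. Separately, the `problemtype` value "Unchecked Error Condition" has no CWE identifier attached, which limits automated classification.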