
{
"id": "CVE-2019-11251",
"sourceIdentifier": "jordan@liggitt.net",
"published": "2020-02-03T16:15:11.140",
"lastModified": "2020-02-06T17:37:53.460",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be used to allow an attacker to place a nefarious file using a symlink, outside of the destination tree."
},
{
"lang": "es",
"value": "El comando kubectl cp de Kubernetes en las versiones 1.1-1.12 y versiones anteriores a 1.13.11, 1.14.7 y 1.15.4, permite una combinaci\u00f3n de dos enlaces simb\u00f3licos proporcionados mediante la salida tar de un contenedor malicioso para colocar un archivo fuera del directorio de destino especificado en la invocaci\u00f3n de kubectl cp. Esto podr\u00eda ser usado para permitir a un atacante colocar un archivo nefasto usando un enlace simb\u00f3lico, fuera del \u00e1rbol de destino."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 5.7,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.1,
"impactScore": 3.6
},
{
"source": "jordan@liggitt.net",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N",
"attackVector": "NETWORK",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 1.2,
"impactScore": 3.6
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE",
"baseScore": 4.3
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-59"
}
]
},
{
"source": "jordan@liggitt.net",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-61"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.13.0",
"versionEndExcluding": "1.13.11",
"matchCriteriaId": "8E20ECB8-B503-4DB2-BCDB-D28E53523C9E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.14.0",
"versionEndExcluding": "1.14.7",
"matchCriteriaId": "CFCC3601-5C5D-4304-AE8E-E75F262A5CC6"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*",
"versionStartIncluding": "1.15.0",
"versionEndExcluding": "1.15.4",
"matchCriteriaId": "7A4A079B-AA15-49F4-9861-D99D6FAEE758"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.1-1.12:*:*:*:*:*:*:*",
"matchCriteriaId": "DF182631-B804-429A-A1EC-B9BCE60FDA93"
}
]
}
]
}
],
"references": [
{
"url": "https://github.com/kubernetes/kubernetes/issues/87773",
"source": "jordan@liggitt.net",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://groups.google.com/d/msg/kubernetes-announce/YYtEFdFimZ4/nZnOezZuBgAJ",
"source": "jordan@liggitt.net",
"tags": [
"Mailing List",
"Third Party Advisory"
]
}
]
}