CVE-2019-11244 — MEDIUM (5.0)

Q: How severe is CVE-2019-11244?

CVE-2019-11244 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-11244?

Check the references section above for vendor advisories and patch information. Affected products include: Kubernetes Kubernetes, Netapp Trident, Redhat Openshift Container Platform.

Vulnerability Description

In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the location specified by --cache-dir (defaulting to $HOME/.kube/http-cache), written with world-writeable permissions (rw-rw-rw-). If --cache-dir is specified and pointed at a different location accessible to other users/groups, the written files may be modified by other users/groups and disrupt the kubectl invocation.

CVSS Score

5.0

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Kubernetes	Kubernetes	>= 1.8.0, <= 1.14.1
Netapp	Trident	-
Redhat	Openshift Container Platform	3.11

Related Weaknesses (CWE)

CWE-732 CWE-524

References

http://www.securityfocus.com/bid/108064Third Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHSA-2019:3942Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0020Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0074Third Party Advisory
https://github.com/kubernetes/kubernetes/issues/76676Third Party Advisory
https://security.netapp.com/advisory/ntap-20190509-0002/Third Party Advisory
http://www.securityfocus.com/bid/108064Third Party AdvisoryVDB Entry
https://access.redhat.com/errata/RHSA-2019:3942Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0020Third Party Advisory
https://access.redhat.com/errata/RHSA-2020:0074Third Party Advisory
https://github.com/kubernetes/kubernetes/issues/76676Third Party Advisory
https://security.netapp.com/advisory/ntap-20190509-0002/Third Party Advisory

FAQ

What is CVE-2019-11244?

CVE-2019-11244 is a vulnerability with a CVSS score of 5.0 (MEDIUM). In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the location specified by --cache-dir (defaulting to $HOME/.kube/http-cache), written with world-writeable permissions (rw-rw-rw-). If...

How severe is CVE-2019-11244?

CVE-2019-11244 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-11244?

Check the references section above for vendor advisories and patch information. Affected products include: Kubernetes Kubernetes, Netapp Trident, Redhat Openshift Container Platform.