Vulnerability Description
A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container logs.
CVSS Score
6.1
MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Related Weaknesses (CWE)
References
- https://github.com/kubernetes/kubernetes/issues/126161
- https://groups.google.com/g/kubernetes-security-announce/c/81c0BHkKNt0
- http://www.openwall.com/lists/oss-security/2024/07/17/3
- https://github.com/kubernetes/kubernetes/issues/126161
- https://groups.google.com/g/kubernetes-security-announce/c/81c0BHkKNt0
FAQ
What is CVE-2024-5321?
CVE-2024-5321 is a vulnerability with a CVSS score of 6.1 (MEDIUM). A security issue was discovered in Kubernetes clusters with Windows nodes where BUILTIN\Users may be able to read container logs and NT AUTHORITY\Authenticated Users may be able to modify container lo...
How severe is CVE-2024-5321?
CVE-2024-5321 has been rated MEDIUM with a CVSS base score of 6.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-5321?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.