CVE-2024-9042 — MEDIUM (5.9)

Vulnerability Description

This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the affected versions listed below.

CVSS Score

5.9

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

NONE

Related Weaknesses (CWE)

CWE-20

References

https://github.com/kubernetes/kubernetes/issues/129654
https://groups.google.com/g/kubernetes-security-announce/c/9C3vn6aCSVg
http://www.openwall.com/lists/oss-security/2025/01/16/1

FAQ

What is CVE-2024-9042?

CVE-2024-9042 is a vulnerability with a CVSS score of 5.9 (MEDIUM). This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the affected versions listed below.

How severe is CVE-2024-9042?

CVE-2024-9042 has been rated MEDIUM with a CVSS base score of 5.9/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2024-9042?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.