CVE-2019-11248

{"id": "CVE-2019-11248", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Secondary", "source": "jordan@liggitt.net", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 3.9}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 4.2, "exploitabilityScore": 3.9}]}, "published": "2019-08-29T01:15:11.367", "references": [{"url": "https://github.com/kubernetes/kubernetes/issues/81023", "tags": ["Patch", "Third Party Advisory"], "source": "jordan@liggitt.net"}, {"url": "https://groups.google.com/d/msg/kubernetes-security-announce/pKELclHIov8/BEDtRELACQAJ", "tags": ["Mailing List", "Third Party Advisory"], "source": "jordan@liggitt.net"}, {"url": "https://security.netapp.com/advisory/ntap-20190919-0003/", "tags": ["Third Party Advisory"], "source": "jordan@liggitt.net"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-862"}]}, {"type": "Secondary", "source": "jordan@liggitt.net", "description": [{"lang": "en", "value": "CWE-419"}]}], "descriptions": [{"lang": "en", "value": "The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for limited denial of service. Versions prior to 1.15.0, 1.14.4, 1.13.8, and 1.12.10 are affected. The issue is of medium severity, but not exposed by the default configuration."}, {"lang": "es", "value": "El extremo de depuraci\u00f3n /debug/pprof se expone a trav\u00e9s del puerto de salud de Kubelet no autenticado. El punto final del pprof go se expone sobre el puerto healthz del Kubelet. Este extremo de depuraci\u00f3n puede filtrar informaci\u00f3n confidencial, como las direcciones internas de memoria y la configuraci\u00f3n de Kubelet, o por una denegaci\u00f3n de servicio limitada. Las versiones anteriores a 1.15.0, 1.14.4, 1.13.8 y 1.12.10 se ven afectadas. El problema es de gravedad media, pero no expuesto por la configuraci\u00f3n predeterminada."}], "lastModified": "2020-10-05T13:50:49.213", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF491B76-31AF-401F-BDCA-2B825BD00B18", "versionEndExcluding": "1.12.10"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46561812-D492-4752-B461-726CB59ACF20"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "23A873E8-B8AA-4F44-B7D5-25F4C40CCA91"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F708C4D8-12E6-4CBC-8ECD-A5F0F5EFDA39"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA9EC2A9-1C77-4701-8F93-8000FF716AB4"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:alpha3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2CBA108A-AE8C-4C6D-AEDC-22B628FAC588"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F82D886D-F427-45D1-B39B-51D7C1945AAB"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "52E0AE58-9B46-4404-B83E-41A0AD5A4CC6"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:beta2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "579E840C-9FE1-4843-B93F-16D64D19A4DB"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4A0A3812-0619-4D6C-8192-96BDE9DBC809"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.0:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "14AD34AC-D1CB-4E37-B570-C902F6033D30"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F69FEB72-F836-4AE3-99BB-3237A9011089"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.1:beta0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2BD120EE-6A09-46FC-B6EB-40CD44B54450"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "ED1F6346-9C0B-4916-9FEF-9CFB1A19F977"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.2:beta0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "06674061-F269-4176-8A4B-6FF9D3E8A5B6"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FEEE7CFF-9B3E-4B76-AFF6-18626060F46B"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.3:beta0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "028EB2D3-3490-4D12-B2E4-C330B015F0E7"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.4:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1B34DB5C-F1C0-42E3-A3E8-300C2E87FE04"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.4:beta0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "471B216A-3B92-4033-8E06-8523EA167132"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.5:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1E81600-D293-4B9B-BDB6-4057308A7876"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.5:beta0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59EA6211-D671-42EC-BEAE-698CB47FD529"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.6:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4DA1071A-7489-45B5-875C-D3F8401BC726"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.6:beta0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4CC774DD-08F0-4AC4-A0A9-67F86A7ED2E5"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.7:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BAE36DCA-CBFD-4536-9760-5B6BEF1FFDAF"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.7:beta.0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AE75E512-849E-4153-A469-EB271DB58F2D"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.13.8:beta.0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4CEF4BDF-5189-4FD9-8037-DD15E147F611"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "428B51D5-37DA-4C4D-A4BF-09F8CAB04A94"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "34A6AC2D-82C4-4E1F-8D9A-159E31A4F790"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "002991E8-6CC8-4F58-89B3-0B1AF2447DD5"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9EA02FED-0377-4E4B-A86F-EE44F0E27360"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:alpha3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1496A02B-29F5-4DD5-B9FE-B39C5B77E8CF"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59D7C9A1-A467-46A5-A03E-A04BD35287C7"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "41BF2E7F-E6DB-4ED0-B943-247B4F592C7E"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:beta2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF0406C1-854E-4B4D-AC1E-7DE304356030"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.14.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "300E9B49-446B-406C-B219-360BD97D6EC1"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.14.1:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3AEA05A4-1B15-4E86-AD77-9D0BC1822AC7"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.14.1:beta0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FD7A10F0-A32E-4B56-8706-F09CE7914557"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.14.2:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "149679C2-2A81-4783-8CFD-13DC0FD5BE4B"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.14.2:beta0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EB97EBDA-CC98-4D92-B3F9-1BFBB21898B8"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.14.3:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3CBB6E83-04DF-4B19-B638-F1F3183BE8C2"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.14.3:beta0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C6EB704F-AA52-4308-9451-9700EAB596F8"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.14.4:beta.0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D72214C5-AA44-4937-A42A-C2FD1E0EF7D0"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B87B49B8-1441-45B6-9A72-E3C5A278883D"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5A14876D-D0FA-4883-AEC6-28E29F5E3CA7"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "401E0997-C67F-471C-B596-92B9773A3AEF"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.15.0:alpha3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BF1B7B10-AC15-4022-BDC9-71CF82130E3B"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta0:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "550C5D3B-2C70-4411-A54D-3D07EAEFD7E7"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE430085-EA45-43B6-8AF2-30AD462D0F69"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.15.0:beta2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5652A16C-F032-4FC0-BFEC-04768D259470"}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:1.15.0:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "874991D0-5C48-4D10-B2E4-51D6BE2298E4"}], "operator": "OR"}]}], "sourceIdentifier": "jordan@liggitt.net"}