Cloud Foundry Container Runtime, versions prior to 0.29.0, deploys Kubernetes clusters utilize the same CA (Certificate Authority) to sign and trust certs for ETCD as used by the Kubernetes API. This could allow a user authenticated with a cluster to request a signed certificate leveraging the Kubernetes CSR capability to obtain a credential that could escalate privilege access to ETCD.
oryginał ENCVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HCloudfoundry Container Runtime
APPCloudfoundry< 0.29.0
Powiązane podatności
Cloud Foundry Container Runtime, versions prior to 0.28.0, deploys K8s worker nodes that contains a configurat...
Starting with diego-release 2.55.0 and up to 2.69.0, and starting with CF Deployment 17.1 and up to 23.2.0, ap...
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or o...
Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java components that are using an insecure proto...
Applications in cf-release before 245 can be configured and pushed with a user-provided custom buildpack using...