Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object.
CVSS v3.0 Score
9.8
/ 10.0
CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Information
- Published
- 17 juil. 2017
- Updated
- 20 avr. 2025
- Status
- Deferred
- Source
- cve@mitre.org
Affected products
kubernetes kubernetesAll Kubernetes CVEs →
Versions : 1.5.0, 1.5.1, 1.5.2, 1.5.3, 1.5.4
Weaknesses (CWE)
CWE-862
References (2)
- https://github.com/kubernetes/kubernetes/issues/43459MitigationThird Party Advisory
- https://github.com/kubernetes/kubernetes/issues/43459MitigationThird Party Advisory
Similar CVEs
Other vulnerabilities of type CWE-862
Loading…
Monitor your products
Get automatic alerts for every new CVE affecting your equipment.