CVE-2019-11252 - OpenCVE

The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Kubernetes	Kubernetes
Redhat	Openshift

Configuration 1 [-]

cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*

Package	CPE	Advisory	Released Date
Red Hat OpenShift Container Platform 4.5
openshift4/ose-hyperkube:v4.5.0-202007100518.p0	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:2412	2020-07-13T00:00:00Z
openshift-0:4.5.0-202007012112.p0.git.0.582d7fc.el7	cpe:/a:redhat:openshift:4.5::el7	RHSA-2020:2413	2020-07-13T00:00:00Z

References

Link	Providers
https://github.com/kubernetes/kubernetes/pull/88684
https://nvd.nist.gov/vuln/detail/CVE-2019-11252
https://www.cve.org/CVERecord?id=CVE-2019-11252

History

No history.

MITRE

Status: PUBLISHED

Assigner: kubernetes

Published: 2020-07-23T14:47:38.187100Z

Updated: 2024-09-17T04:24:20.027Z

Reserved: 2019-04-17T00:00:00

Link: CVE-2019-11252

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-07-23T15:15:11.930

Modified: 2020-07-28T16:27:48.660

Link: CVE-2019-11252

Redhat

Severity : Moderate

Publid Date: 2020-03-04T00:00:00Z

Links: CVE-2019-11252 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "Kubernetes", "vendor": "Kubernetes", "versions": [{"status": "affected", "version": "1.16"}, {"status": "affected", "version": "1.17"}, {"status": "affected", "version": "1.6"}, {"status": "affected", "version": "1.7"}, {"status": "affected", "version": "1.8"}, {"status": "affected", "version": "1.9"}, {"status": "affected", "version": "1.10"}, {"status": "affected", "version": "1.11"}, {"status": "affected", "version": "1.12"}, {"status": "affected", "version": "1.13"}, {"status": "affected", "version": "1.14"}, {"status": "affected", "version": "1.15"}]}], "credits": [{"lang": "en", "value": "Christopher J. Ruwe"}], "datePublic": "2020-03-04T00:00:00", "descriptions": [{"lang": "en", "value": "The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-209", "description": "CWE-209 Information Exposure Through an Error Message", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-07-23T14:47:38", "orgId": "a6081bf6-c852-4425-ad4f-a67919267565", "shortName": "kubernetes"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/kubernetes/kubernetes/pull/88684"}], "source": {"defect": ["https://github.com/kubernetes/kubernetes/pull/88684"], "discovery": "EXTERNAL"}, "title": "Credential leakage when failing to mount", "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@kubernetes.io", "DATE_PUBLIC": "2020-03-04T05:00:00.000Z", "ID": "CVE-2019-11252", "STATE": "PUBLIC", "TITLE": "Credential leakage when failing to mount"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Kubernetes", "version": {"version_data": [{"version_name": "1.16", "version_value": "1.16"}, {"version_name": "1.17", "version_value": "1.17"}, {"version_name": "1.6", "version_value": "1.6"}, {"version_name": "1.7", "version_value": "1.7"}, {"version_name": "1.8", "version_value": "1.8"}, {"version_name": "1.9", "version_value": "1.9"}, {"version_name": "1.10", "version_value": "1.10"}, {"version_name": "1.11", "version_value": "1.11"}, {"version_name": "1.12", "version_value": "1.12"}, {"version_name": "1.13", "version_value": "1.13"}, {"version_name": "1.14", "version_value": "1.14"}, {"version_name": "1.15", "version_value": "1.15"}]}}]}, "vendor_name": "Kubernetes"}]}}, "credit": [{"lang": "eng", "value": "Christopher J. Ruwe"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-209 Information Exposure Through an Error Message"}]}]}, "references": {"reference_data": [{"name": "https://github.com/kubernetes/kubernetes/pull/88684", "refsource": "MISC", "url": "https://github.com/kubernetes/kubernetes/pull/88684"}]}, "source": {"defect": ["https://github.com/kubernetes/kubernetes/pull/88684"], "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T22:48:09.032Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/kubernetes/kubernetes/pull/88684"}]}]}, "cveMetadata": {"assignerOrgId": "a6081bf6-c852-4425-ad4f-a67919267565", "assignerShortName": "kubernetes", "cveId": "CVE-2019-11252", "datePublished": "2020-07-23T14:47:38.187100Z", "dateReserved": "2019-04-17T00:00:00", "dateUpdated": "2024-09-17T04:24:20.027Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "matchCriteriaId": "878A4225-E52D-4F15-B997-2663E870FB92", "versionEndIncluding": "1.17.0", "versionStartIncluding": "1.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes."}, {"lang": "es", "value": "El Kubernetes kube-controller-manager en versiones v1.0-v1.17, es vulnerable a una filtraci\u00f3n de credenciales por medio de mensajes de error en registros de fallo de montaje y eventos para vol\u00famenes de AzureFile y CephFS"}], "id": "CVE-2019-11252", "lastModified": "2020-07-28T16:27:48.660", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 4.2, "source": "jordan@liggitt.net", "type": "Secondary"}]}, "published": "2020-07-23T15:15:11.930", "references": [{"source": "jordan@liggitt.net", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/kubernetes/kubernetes/pull/88684"}], "sourceIdentifier": "jordan@liggitt.net", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-209"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-209"}], "source": "jordan@liggitt.net", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2020:2412", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "package": "openshift4/ose-hyperkube:v4.5.0-202007100518.p0", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-07-13T00:00:00Z"}, {"advisory": "RHSA-2020:2413", "cpe": "cpe:/a:redhat:openshift:4.5::el7", "package": "openshift-0:4.5.0-202007012112.p0.git.0.582d7fc.el7", "product_name": "Red Hat OpenShift Container Platform 4.5", "release_date": "2020-07-13T00:00:00Z"}], "bugzilla": {"description": "kubernetes: credential leak in kube-controller-manager via error messages in mount failure logs and events for AzureFile and CephFS volumes", "id": "1860158", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860158"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.9", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:N", "status": "verified"}, "cwe": "CWE-209", "details": ["The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes.", "A flaw was found in Kubernetes that allows the logging of credentials when mounting AzureFile and CephFS volumes. This flaw allows an attacker to access kubelet logs, read the credentials, and use them to access other services. The highest threat from this vulnerability is to confidentiality."], "name": "CVE-2019-11252", "package_state": [{"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Will not fix", "package_name": "atomic-openshift", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift_container_storage:4", "fix_state": "Not affected", "package_name": "ocs4/cephcsi-rhel8", "product_name": "Red Hat Openshift Container Storage 4"}, {"cpe": "cpe:/a:redhat:openshift_container_storage:4", "fix_state": "Not affected", "package_name": "ocs4/ocs-must-gather-rhel8", "product_name": "Red Hat Openshift Container Storage 4"}, {"cpe": "cpe:/a:redhat:openshift_container_storage:4", "fix_state": "Not affected", "package_name": "ocs4/ocs-rhel8-operator", "product_name": "Red Hat Openshift Container Storage 4"}, {"cpe": "cpe:/a:redhat:openshift_container_storage:4", "fix_state": "Not affected", "package_name": "ocs4/rook-ceph-rhel8-operator", "product_name": "Red Hat Openshift Container Storage 4"}, {"cpe": "cpe:/a:redhat:storage:3", "fix_state": "Affected", "package_name": "heketi", "product_name": "Red Hat Storage 3"}], "public_date": "2020-03-04T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-11252\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-11252"], "statement": "OpenShift Container Platform (OCP) included the upstream patch for this flaw in the release of version 4.5. Prior versions are affected as OCP 4 supports AzureFile volumes and OCP 3 supports both AzureFile and CephFS volumes. OCP clusters not using these volume types are not vulnerable.", "threat_severity": "Moderate", "upstream_fix": "kubernetes 1.18"}