{"containers": {"cna": {"affected": [{"product": "Kubernetes", "vendor": "Kubernetes", "versions": [{"lessThanOrEqual": "1.19.14", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThanOrEqual": "1.20.10", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThanOrEqual": "1.21.4", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThanOrEqual": "1.22.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "credits": [{"lang": "en", "value": "Fabricio Voznika & Mark Wolters"}], "descriptions": [{"lang": "en", "value": "A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-10-08T14:06:36", "orgId": "a6081bf6-c852-4425-ad4f-a67919267565", "shortName": "kubernetes"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://groups.google.com/g/kubernetes-security-announce/c/nyfdhK24H7s"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/kubernetes/kubernetes/issues/104980"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20211008-0006/"}], "source": {"defect": ["https://github.com/kubernetes/kubernetes/issues/104980"], "discovery": "EXTERNAL"}, "title": "Symlink Exchange Can Allow Host Filesystem Access", "x_ConverterErrors": {"DATE_PUBLIC": {"error": "v4 DATE_PUBLIC is invalid", "message": "hour must be in 0..23"}}, "x_generator": {"engine": "Vulnogram 0.0.9"}, "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@kubernetes.io", "DATE_PUBLIC": "2021-09-15T121:15:00.000Z", "ID": "CVE-2021-25741", "STATE": "PUBLIC", "TITLE": "Symlink Exchange Can Allow Host Filesystem Access"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Kubernetes", "version": {"version_data": [{"version_affected": "<=", "version_value": "1.19.14"}, {"version_affected": "<=", "version_value": "1.20.10"}, {"version_affected": "<=", "version_value": "1.21.4"}, {"version_affected": "<=", "version_value": "1.22.1"}]}}]}, "vendor_name": "Kubernetes"}]}}, "credit": [{"lang": "eng", "value": "Fabricio Voznika & Mark Wolters"}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem."}]}, "generator": {"engine": "Vulnogram 0.0.9"}, "impact": {"cvss": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20: Improper Input Validation"}]}]}, "references": {"reference_data": [{"name": "https://groups.google.com/g/kubernetes-security-announce/c/nyfdhK24H7s", "refsource": "MISC", "url": "https://groups.google.com/g/kubernetes-security-announce/c/nyfdhK24H7s"}, {"name": "https://github.com/kubernetes/kubernetes/issues/104980", "refsource": "MISC", "url": "https://github.com/kubernetes/kubernetes/issues/104980"}, {"name": "https://security.netapp.com/advisory/ntap-20211008-0006/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20211008-0006/"}]}, "source": {"defect": ["https://github.com/kubernetes/kubernetes/issues/104980"], "discovery": "EXTERNAL"}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T20:11:27.655Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://groups.google.com/g/kubernetes-security-announce/c/nyfdhK24H7s"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/kubernetes/kubernetes/issues/104980"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20211008-0006/"}]}, {"affected": [{"vendor": "kubernetes", "product": "kubernetes", "cpes": ["cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "1.19.14", "versionType": "custom"}, {"version": "1.20.0", "status": "affected", "lessThanOrEqual": "1.20.10", "versionType": "custom"}, {"version": "1.21.0", "status": "affected", "lessThanOrEqual": "1.21.4", "versionType": "custom"}, {"version": "1.22.0", "status": "affected", "lessThanOrEqual": "1.22.1", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-20T13:25:58.469004Z", "id": "CVE-2021-25741", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-20T13:37:41.191Z"}}]}, "cveMetadata": {"assignerOrgId": "a6081bf6-c852-4425-ad4f-a67919267565", "assignerShortName": "kubernetes", "cveId": "CVE-2021-25741", "dateReserved": "2021-01-21T00:00:00", "dateUpdated": "2024-09-16T23:26:06.351Z", "state": "PUBLISHED", "datePublished": "2021-09-20T17:05:21.097904Z"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://groups.google.com/g/kubernetes-security-announce/c/nyfdhK24H7s", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://github.com/kubernetes/kubernetes/issues/104980", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://security.netapp.com/advisory/ntap-20211008-0006/", "tags": ["x_refsource_CONFIRM", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T20:11:27.655Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2021-25741", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-20T13:25:58.469004Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*"], "vendor": "kubernetes", "product": "kubernetes", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "1.19.14"}, {"status": "affected", "version": "1.20.0", "versionType": "custom", "lessThanOrEqual": "1.20.10"}, {"status": "affected", "version": "1.21.0", "versionType": "custom", "lessThanOrEqual": "1.21.4"}, {"status": "affected", "version": "1.22.0", "versionType": "custom", "lessThanOrEqual": "1.22.1"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-20T13:37:35.562Z"}}], "cna": {"title": "Symlink Exchange Can Allow Host Filesystem Access", "source": {"defect": ["https://github.com/kubernetes/kubernetes/issues/104980"], "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "value": "Fabricio Voznika & Mark Wolters"}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "Kubernetes", "product": "Kubernetes", "versions": [{"status": "affected", "version": "unspecified", "versionType": "custom", "lessThanOrEqual": "1.19.14"}, {"status": "affected", "version": "unspecified", "versionType": "custom", "lessThanOrEqual": "1.20.10"}, {"status": "affected", "version": "unspecified", "versionType": "custom", "lessThanOrEqual": "1.21.4"}, {"status": "affected", "version": "unspecified", "versionType": "custom", "lessThanOrEqual": "1.22.1"}]}], "references": [{"url": "https://groups.google.com/g/kubernetes-security-announce/c/nyfdhK24H7s", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/kubernetes/kubernetes/issues/104980", "tags": ["x_refsource_MISC"]}, {"url": "https://security.netapp.com/advisory/ntap-20211008-0006/", "tags": ["x_refsource_CONFIRM"]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "descriptions": [{"lang": "en", "value": "A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation"}]}], "providerMetadata": {"orgId": "a6081bf6-c852-4425-ad4f-a67919267565", "shortName": "kubernetes", "dateUpdated": "2021-10-08T14:06:36"}, "x_legacyV4Record": {"credit": [{"lang": "eng", "value": "Fabricio Voznika & Mark Wolters"}], "impact": {"cvss": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, "source": {"defect": ["https://github.com/kubernetes/kubernetes/issues/104980"], "discovery": "EXTERNAL"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "1.19.14", "version_affected": "<="}, {"version_value": "1.20.10", "version_affected": "<="}, {"version_value": "1.21.4", "version_affected": "<="}, {"version_value": "1.22.1", "version_affected": "<="}]}, "product_name": "Kubernetes"}]}, "vendor_name": "Kubernetes"}]}}, "data_type": "CVE", "generator": {"engine": "Vulnogram 0.0.9"}, "references": {"reference_data": [{"url": "https://groups.google.com/g/kubernetes-security-announce/c/nyfdhK24H7s", "name": "https://groups.google.com/g/kubernetes-security-announce/c/nyfdhK24H7s", "refsource": "MISC"}, {"url": "https://github.com/kubernetes/kubernetes/issues/104980", "name": "https://github.com/kubernetes/kubernetes/issues/104980", "refsource": "MISC"}, {"url": "https://security.netapp.com/advisory/ntap-20211008-0006/", "name": "https://security.netapp.com/advisory/ntap-20211008-0006/", "refsource": "CONFIRM"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-20: Improper Input Validation"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2021-25741", "STATE": "PUBLIC", "TITLE": "Symlink Exchange Can Allow Host Filesystem Access", "ASSIGNER": "security@kubernetes.io", "DATE_PUBLIC": "2021-09-15T121:15:00.000Z"}}, "x_ConverterErrors": {"DATE_PUBLIC": {"error": "v4 DATE_PUBLIC is invalid", "message": "hour must be in 0..23"}}}}, "cveMetadata": {"cveId": "CVE-2021-25741", "state": "PUBLISHED", "dateUpdated": "2024-09-16T23:26:06.351Z", "dateReserved": "2021-01-21T00:00:00", "assignerOrgId": "a6081bf6-c852-4425-ad4f-a67919267565", "datePublished": "2021-09-20T17:05:21.097904Z", "assignerShortName": "kubernetes"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "matchCriteriaId": "294F8F39-19EC-48D3-8013-C35B7E3076B5", "versionEndIncluding": "1.19.14", "vulnerable": true}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "matchCriteriaId": "816775F6-5488-47BB-8080-DF5D12D14C69", "versionEndIncluding": "1.20.10", "versionStartIncluding": "1.20.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "matchCriteriaId": "A62C3A55-B83B-42E1-B6B1-E7395D2DB930", "versionEndIncluding": "1.21.4", "versionStartIncluding": "1.21.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*", "matchCriteriaId": "6683F913-E546-4C97-A5E7-09FB6FDB0D37", "versionEndIncluding": "1.22.1", "versionStartIncluding": "1.22.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem."}, {"lang": "es", "value": "Se ha detectado un problema de seguridad en Kubernetes en el que un usuario puede ser capaz de crear un contenedor con montajes de volumen de sub-ruta para acceder a archivos y directorios fuera del volumen, incluso en el sistema de archivos del host"}], "id": "CVE-2021-25741", "lastModified": "2021-11-30T22:42:34.020", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 5.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "jordan@liggitt.net", "type": "Secondary"}]}, "published": "2021-09-20T17:15:08.343", "references": [{"source": "jordan@liggitt.net", "tags": ["Mitigation", "Third Party Advisory"], "url": "https://github.com/kubernetes/kubernetes/issues/104980"}, {"source": "jordan@liggitt.net", "tags": ["Mailing List", "Mitigation"], "url": "https://groups.google.com/g/kubernetes-security-announce/c/nyfdhK24H7s"}, {"source": "jordan@liggitt.net", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20211008-0006/"}], "sourceIdentifier": "jordan@liggitt.net", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-552"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "jordan@liggitt.net", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank the Kubernetes Security Response Committee for reporting this issue. Upstream acknowledges Fabricio Voznika (Google) and Mark Wolters (Google) as the original reporters.", "affected_release": [{"advisory": "RHSA-2021:3646", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-openshift-0:3.11.524-1.git.0.2dffce7.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2021-09-30T00:00:00Z"}, {"advisory": "RHSA-2021:3642", "cpe": "cpe:/a:redhat:openshift:4.6::el7", "package": "openshift-0:4.6.0-202109180038.p0.git.d5ed12c.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.6", "release_date": "2021-09-29T00:00:00Z"}, {"advisory": "RHSA-2021:3635", "cpe": "cpe:/a:redhat:openshift:4.7::el7", "package": "openshift-0:4.7.0-202109172126.p0.git.bbbc079.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.7", "release_date": "2021-09-29T00:00:00Z"}, {"advisory": "RHSA-2021:3631", "cpe": "cpe:/a:redhat:openshift:4.8::el7", "package": "openshift-0:4.8.0-202109180335.p0.git.a620f50.assembly.stream.el8", "product_name": "Red Hat OpenShift Container Platform 4.8", "release_date": "2021-09-28T00:00:00Z"}], "bugzilla": {"description": "kubernetes: Symlink exchange can allow host filesystem access", "id": "1993749", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1993749"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-59", "details": ["A security issue was discovered in Kubernetes where a user may be able to create a container with subpath volume mounts to access files & directories outside of the volume, including on the host filesystem.", "A flaw was found in kubernetes. An authorized user can exploit this by creating pods with crafted subpath volume mounts to access files and directories outside of the volume, including on the host node's filesystem."], "mitigation": {"lang": "en:us", "value": "OpenShift Container Platform runs with SELinux in enforcing mode, which reduces the impact of this vulnerability, but does not completely prevent it from being exploited."}, "name": "CVE-2021-25741", "package_state": [{"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "openshift4/ose-alibaba-cloud-csi-driver-container-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2021-09-15T16:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-25741\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-25741\nhttps://groups.google.com/g/kubernetes-security-announce/c/nyfdhK24H7s"], "threat_severity": "Important", "upstream_fix": "kubernetes 1.22.2, kubernetes 1.21.5, kubernetes 1.20.11, kubernetes 1.19.15"}