CVE-2019-3779

Cloud Foundry Container Runtime, versions prior to 0.29.0, deploys Kubernetes clusters utilize the same CA (Certificate Authority) to sign and trust certs for ETCD as used by the Kubernetes API. This could allow a user authenticated with a cluster to request a signed certificate leveraging the Kubernetes CSR capability to obtain a credential that could escalate privilege access to ETCD.

Published : 2019-03-08 16:29 Updated : 2019-10-09 23:49

4.0
CVSS Score More info
Score 4.0 / 10
4.0
Vendor Product Version URI
Cloudfoundry Container Runtime 0.0.1 cpe:/a:cloudfoundry:container_runtime:0.0.1
Cloudfoundry Container Runtime 0.0.2 cpe:/a:cloudfoundry:container_runtime:0.0.2
Cloudfoundry Container Runtime 0.0.3 cpe:/a:cloudfoundry:container_runtime:0.0.3
Cloudfoundry Container Runtime 0.0.4 cpe:/a:cloudfoundry:container_runtime:0.0.4
Cloudfoundry Container Runtime 0.0.5 cpe:/a:cloudfoundry:container_runtime:0.0.5
Cloudfoundry Container Runtime 0.6.0 cpe:/a:cloudfoundry:container_runtime:0.6.0
Cloudfoundry Container Runtime 0.7.0 cpe:/a:cloudfoundry:container_runtime:0.7.0
Cloudfoundry Container Runtime 0.8.0 cpe:/a:cloudfoundry:container_runtime:0.8.0
Cloudfoundry Container Runtime 0.8.1 cpe:/a:cloudfoundry:container_runtime:0.8.1
Cloudfoundry Container Runtime 0.9.0 cpe:/a:cloudfoundry:container_runtime:0.9.0
Cloudfoundry Container Runtime 0.10.0 cpe:/a:cloudfoundry:container_runtime:0.10.0
Cloudfoundry Container Runtime 0.11.0 cpe:/a:cloudfoundry:container_runtime:0.11.0
Cloudfoundry Container Runtime 0.11.1 cpe:/a:cloudfoundry:container_runtime:0.11.1
Cloudfoundry Container Runtime 0.12.0 cpe:/a:cloudfoundry:container_runtime:0.12.0
Cloudfoundry Container Runtime 0.13.0 cpe:/a:cloudfoundry:container_runtime:0.13.0
Cloudfoundry Container Runtime 0.14.0 cpe:/a:cloudfoundry:container_runtime:0.14.0
Cloudfoundry Container Runtime 0.15.0 cpe:/a:cloudfoundry:container_runtime:0.15.0
Cloudfoundry Container Runtime 0.16.0 cpe:/a:cloudfoundry:container_runtime:0.16.0
Cloudfoundry Container Runtime 0.16.1 cpe:/a:cloudfoundry:container_runtime:0.16.1
Cloudfoundry Container Runtime 0.16.3 cpe:/a:cloudfoundry:container_runtime:0.16.3
Cloudfoundry Container Runtime 0.17.0 cpe:/a:cloudfoundry:container_runtime:0.17.0:-
Cloudfoundry Container Runtime 0.17.0 cpe:/a:cloudfoundry:container_runtime:0.17.0:alpha0
Cloudfoundry Container Runtime 0.17.0 cpe:/a:cloudfoundry:container_runtime:0.17.0:alpha1
Cloudfoundry Container Runtime 0.17.0 cpe:/a:cloudfoundry:container_runtime:0.17.0:alpha2
Cloudfoundry Container Runtime 0.17.0 cpe:/a:cloudfoundry:container_runtime:0.17.0:alpha4
Cloudfoundry Container Runtime 0.17.0 cpe:/a:cloudfoundry:container_runtime:0.17.0:alpha5
Cloudfoundry Container Runtime 0.17.0 cpe:/a:cloudfoundry:container_runtime:0.17.0:alpha6
Cloudfoundry Container Runtime 0.17.0 cpe:/a:cloudfoundry:container_runtime:0.17.0:alpha7
Cloudfoundry Container Runtime 0.18.0 cpe:/a:cloudfoundry:container_runtime:0.18.0
Cloudfoundry Container Runtime 0.19.0 cpe:/a:cloudfoundry:container_runtime:0.19.0
Cloudfoundry Container Runtime 0.20.0 cpe:/a:cloudfoundry:container_runtime:0.20.0
Cloudfoundry Container Runtime 0.21.0 cpe:/a:cloudfoundry:container_runtime:0.21.0
Cloudfoundry Container Runtime 0.22.0 cpe:/a:cloudfoundry:container_runtime:0.22.0
Cloudfoundry Container Runtime 0.23.0 cpe:/a:cloudfoundry:container_runtime:0.23.0
Cloudfoundry Container Runtime 0.24.0 cpe:/a:cloudfoundry:container_runtime:0.24.0:-
Cloudfoundry Container Runtime 0.24.0 cpe:/a:cloudfoundry:container_runtime:0.24.0:alpha1
Cloudfoundry Container Runtime 0.25.0 cpe:/a:cloudfoundry:container_runtime:0.25.0
Cloudfoundry Container Runtime 0.26.0 cpe:/a:cloudfoundry:container_runtime:0.26.0
Cloudfoundry Container Runtime 0.27.0 cpe:/a:cloudfoundry:container_runtime:0.27.0
Cloudfoundry Container Runtime 0.28.0 cpe:/a:cloudfoundry:container_runtime:0.28.0
  1. Cloudfoundry (1) Search CVE
    1. Container Runtime (32) Search CVE
      1. 0.0.1
      2. 0.0.2
      3. 0.0.3
      4. 0.0.4
      5. 0.0.5
      6. 0.6.0
      7. 0.7.0
      8. 0.8.0
      9. 0.8.1
      10. 0.9.0
      11. 0.10.0
      12. 0.11.0
      13. 0.11.1
      14. 0.12.0
      15. 0.13.0
      16. 0.14.0
      17. 0.15.0
      18. 0.16.0
      19. 0.16.1
      20. 0.16.3
      21. 0.17.0
      22. 0.18.0
      23. 0.19.0
      24. 0.20.0
      25. 0.21.0
      26. 0.22.0
      27. 0.23.0
      28. 0.24.0
      29. 0.25.0
      30. 0.26.0
      31. 0.27.0
      32. 0.28.0

CWE

ID Name Description Links
CWE-264 Permissions, Privileges, and Access Controls Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control. CVE

Reference

History of changes

Date Event
2019-10-09 23:49
2019-03-12 19:20
2019-03-08 16:29

New CVE