Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

Kubernetes

#a6081bf6-c852-4425-ad4f-a67919267565
PolicyEmail

Short Name

kubernetes

Program Role

CNA

Top Level Root

MITRE Corporation

Security Advisories

View Advisories

Domain

kubernetes.io

Country

USA

Scope

Kubernetes issues only.
Reported CVEsVendorsProductsReports
101Vulnerabilities found
CVE-2017-1002100
Assigner-Kubernetes
ShareView Details
Assigner-Kubernetes
CVSS Score-6.5||MEDIUM
EPSS-0.37% / 57.92%
||
7 Day CHG~0.00%
Published-14 Sep, 2017 | 13:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Default access permissions for Persistent Volumes (PVs) created by the Kubernetes Azure cloud provider in versions 1.6.0 to 1.6.5 are set to "container" which exposes a URI that can be accessed without authentication on the public internet. Access to the URI string requires privileged access to the Kubernetes cluster or authenticated access to the Azure portal.

Action-Not Available
Vendor-Kubernetes
Product-kubernetesKubernetes
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
  • Previous
  • 1
  • 2
  • 3
  • Next