PT-2020-9759 · Canonical · Microk8S

Denis Andzakovic

Published

2020-04-08

Updated

2020-10-16

CVE-2019-15789

CVSS v3.1

8.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions MicroK8s versions prior to 1.15.3

Description A privilege escalation issue allows a low-privilege user with local access to obtain root access to the host by provisioning a privileged container.

Recommendations For versions prior to 1.15.3, update to MicroK8s 1.15.3 to resolve the issue. As a temporary workaround, consider restricting local access to prevent low-privilege users from provisioning privileged containers.

Exploit

Fix

Improper Privilege Management

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-269

Related Identifiers

CVE-2019-15789

Affected Products

Microk8S

PT-2020-9759 · Canonical · Microk8S

CVE-2019-15789

Weakness Enumeration

Related Identifiers

Affected Products

References · 7