PT-2025-1258 · CVE-2024-9042
Credits: Aravindh Puthiyaprambil
Published 2025-01-15 · Updated 2025-12-11
CVSS v2.0: 6.6 (Medium) · Vector AV:N/AC:H/Au:S/C:C/I:C/A:N
Name of the Vulnerable Software and Affected Versions

Kubernetes versions prior to 1.29.14
Kubernetes versions prior to 1.30.10
Kubernetes versions prior to 1.31.6

The vulnerable code is in the kubelet, so the version that matters is the kubelet running on each Windows worker node, not the control-plane version.
Description

This issue is a command injection affecting Windows worker nodes via the kubelet's /logs query API (the NodeLogQuery feature). The pattern query parameter is passed straight into the PowerShell command the kubelet builds to filter Windows event-log entries, without validation or escaping, so a caller can terminate the intended filter expression and append arbitrary PowerShell statements. Any user or service account permitted to GET the nodes/log subresource can trigger it (when the request goes through the API server's node proxy, nodes/proxy grants the same reach). Because the kubelet runs as SYSTEM on Windows, a successful exploit executes commands with SYSTEM privileges on every Windows node the caller can query. The endpoint is only exposed when the NodeLogQuery feature gate is enabled and the kubelet configuration sets enableSystemLogQuery to true; both are off by default, and Linux nodes are not affected.
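The two builders below illustrate the flaw class and one way to close it. This is an added example, not code from the kubelet or from the upstream fix: the Get-WinEvent pipeline, the KUBELET_LOG_PATTERN environment variable and the character allowlist are assumptions chosen for the demonstration. The vulnerable builder concatenates the caller's pattern into the -Command text; the hardened builder validates the pattern and then keeps it out of the script entirely, handing it to PowerShell through the environment so it can only ever be data for the -match operator.

```go
package main

import (
	"errors"
	"fmt"
	"regexp"
)

const powershellExe = "PowerShell.exe"

// Constructed stand-in for the event-log pipeline the kubelet runs for a Windows log query.
// The real builder differs in detail; only how the pattern reaches PowerShell matters here.
const baseScript = "Get-WinEvent -FilterHashtable @{LogName='Application'}"

var baseArgs = []string{"-NonInteractive", "-ExecutionPolicy", "Bypass", "-Command"}

// vulnerableCommand reproduces the flaw the advisory describes: the caller-controlled
// pattern is concatenated straight into the -Command text, so PowerShell parses it as code.
func vulnerableCommand(pattern string) (string, []string) {
	script := baseScript
	if pattern != "" {
		script += " | Where-Object -Property Message -Match " + pattern
	}
	script += " | Format-Table -AutoSize -Wrap"
	return powershellExe, append(append([]string{}, baseArgs...), script)
}

const maxPatternLen = 256

// Assumed allowlist: regex metacharacters only; no quotes, semicolons, backticks, '#', '&' or newlines.
var allowedPattern = regexp.MustCompile(`^[A-Za-z0-9 _.:^$*+?()\[\]{}|\\-]*$`)

// hardenedCommand (example mitigation, not the upstream patch) does two things:
//  1. validates the pattern (length, character allowlist, compiles as a regex);
//  2. never places the pattern in the script: PowerShell reads it from an environment
//     variable (assumed name KUBELET_LOG_PATTERN), so its bytes are never script text.
func hardenedCommand(pattern string) (exe string, args []string, env []string, err error) {
	if len(pattern) > maxPatternLen {
		return "", nil, nil, fmt.Errorf("pattern longer than %d bytes", maxPatternLen)
	}
	if !allowedPattern.MatchString(pattern) {
		return "", nil, nil, errors.New("pattern contains characters outside the allowlist")
	}
	if _, cerr := regexp.Compile(pattern); cerr != nil {
		return "", nil, nil, fmt.Errorf("pattern is not a valid regex: %w", cerr)
	}
	script := baseScript
	if pattern != "" {
		script += " | Where-Object { $_.Message -match $env:KUBELET_LOG_PATTERN }"
		env = []string{"KUBELET_LOG_PATTERN=" + pattern}
	}
	script += " | Format-Table -AutoSize -Wrap"
	return powershellExe, append(append([]string{}, baseArgs...), script), env, nil
}

// scriptArg returns the -Command text so the two builders can be compared.
func scriptArg(args []string) string { return args[len(args)-1] }

func main() {
	// Constructed payload: ends the filter statement, runs a new one, and comments out the rest.
	payload := "kubelet; Start-Process calc.exe; #"
	_, args := vulnerableCommand(payload)
	fmt.Println("vulnerable -Command:", scriptArg(args))

	if _, _, _, err := hardenedCommand(payload); err != nil {
		fmt.Println("hardened rejected payload:", err)
	}
	_, args, env, err := hardenedCommand("kubelet.*error")
	fmt.Println("hardened -Command:", scriptArg(args), env, err)
}
```

Running it shows the payload appearing verbatim inside the vulnerable -Command string, where PowerShell would execute Start-Process, while the hardened builder rejects it at the allowlist and, for a benign pattern, emits a script that references only $env:KUBELET_LOG_PATTERN. The environment-variable hand-off is the load-bearing part; the allowlist and regex compile are defence in depth and also give the caller a clean 400-style error instead of a PowerShell parse failure.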
Recommendations

Upgrade Kubernetes to version 1.29.14 or later.
Upgrade Kubernetes to version 1.30.10 or later.
Upgrade Kubernetes to version 1.31.6 or later.

The fix is in the kubelet, so the kubelet binary on each Windows node must be updated; upgrading the control plane alone does not close the issue. Where an upgrade cannot be scheduled immediately, disable the NodeLogQuery feature gate (or set enableSystemLogQuery to false) in the kubelet configuration of Windows nodes, and review which subjects hold GET on the nodes/log and nodes/proxy subresources, since both reach the vulnerable endpoint.

Tags: Fix · RCE · Command Injection

Weakness Enumeration

Related Identifiers

ALT-PU-2025-4533
ALT-PU-2025-4535
ALT-PU-2025-4536
BDU:2025-00672
CVE-2024-9042
ECHO-0DED-644A-1F25
GHSA-VV39-3W5Q-974Q
GO-2025-3522
OPENSUSE-SU-2025:14937-1

Affected Products

Alt Linux
Kubernetes