Source |
CVE Liste |
Identifiant |
2227276 |
Date de publication |
2021-01-21 17:15:14 (vue: 2021-01-21 20:05:59) |
Titre |
CVE-2020-8567 |
Texte |
Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass objects to write to arbitrary file paths on the host filesystem, including /var/lib/kubelet/pods. |
Envoyé |
Oui |
Condensat |
/var/lib/kubelet/pods 2020 8567 allow arbitrary attacker azure can crafted create csi cve driver file filesystem gcp host including kubernetes objects paths plugin prior secretproviderclass secrets specially store vault who write |
Tags |
|
Stories |
Uber
|
Notes |
|
Move |
|