High Severity

IBM Security Bulletin: IBM Cloud Kubernetes Service is affected by a privilege escalation vulnerability in Kubernetes API server

Share this post:

IBM Cloud Kubernetes Service is affected by a security vulnerability in Kubernetes which in some cases can allow unauthorized access to the Kubernetes API Server and/or trusted user privilege escalation.

CVE(s): CVE-2018-1002105

Affected product(s) and affected version(s):

IBM Cloud Kubernetes Service 1.12.0-1.12.2
IBM Cloud Kubernetes Service 1.11.0-1.11.4
IBM Cloud Kubernetes Service 1.10.0-1.10.10
IBM Cloud Kubernetes Service 1.5-1.9

Authenticated users on all affected versions can escalate their privileges to perform any API request using the kubelet API on nodes running pods where they have permissions to get, list or watch on these resources:

pods/attachpods/execpods/portforward

This includes listing all pods on the node, running arbitrary commands inside those pods, and obtaining the command output from running arbitrary commands.

Unauthenticated users can can gain full administrative access on any IBM Cloud Kubernetes cluster with aggregated API servers. All IBM Cloud Kubernetes Service clusters at version 1.12 deploy aggregated API servers. Clusters at version 1.11 and earlier are only affected if you have deployed your own aggregated API server.

Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: https://www-01.ibm.com/support/docview.wss?uid=ibm10743917
X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/153638

More stories

IBM Security Bulletin: Multiple vulnerabilities were identified in Node.js that affect IBM Cloud App Management V2018

Feb 15, 2019 9:00 am EST | High Severity

Multiple vulnerabilities were identified in Node.js that affected IBM Cloud App Management V2018. The product was updated to use a later version of Node.js to address these security vulnerabilities. CVE(s): CVE-2018-0732, CVE-2018-12115, CVE-2018-7166, CVE-2018-0737 Affected product(s) and affected version(s): IBM Cloud App Management V2018.2 Refer to the following reference URLs for remediation and additional vulnerability ...read more


IBM Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM

Feb 14, 2019 9:00 am EST | High Severity

PowerKVM is affected by vulnerabilities in the Linux kernel . IBM has now addressed these vulnerabilities. CVE(s): CVE-2018-10675, CVE-2018-7566, CVE-2017-13215 Affected product(s) and affected version(s): PowerKVM 3.1 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10870832X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/142895X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/141112X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/137560 ...read more


IBM Security Bulletin: Apache Commons FileUpload Vulnerability Can Affect IBM Sterling Order Management (CVE-2016-1000031)

Feb 14, 2019 9:00 am EST | High Severity

IBM Sterling Order Management uses Apache Commons FileUpload and is affected by some of the vulnerabilities that exist in Apache Commons FileUpload. CVE(s): CVE-2016-1000031 Affected product(s) and affected version(s):IBM Sterling Selling and Fulfillment Foundation 9.1.0 through 10.0 Refer to the following reference URLs for remediation and additional vulnerability details:Source Bulletin: http://www.ibm.com/support/docview.wss?uid=ibm10870454X-Force Database: https://exchange.xforce.ibmcloud.com/vulnerabilities/117957 ...read more