CVE-2019-3779
CVE-2019-3779 is a vulnerability of currently unknown severity. Cloud Foundry Container Runtime, versions prior to 0.29.0, deploys Kubernetes clusters that use the same CA (Certificate Authority) to sign and trust certificates for ETCD as is used by the Kubernetes API. This could allow a user authenticated with a cluster to request a signed certificate through the Kubernetes CSR capability and obtain a credential that could be used to escalate privileges and access ETCD. EPSS estimates a 0.68% chance of exploitation in the next 30 days.
Description
Cloud Foundry Container Runtime, versions prior to 0.29.0, deploys Kubernetes clusters that use the same CA (Certificate Authority) to sign and trust certificates for ETCD as is used by the Kubernetes API. This could allow a user authenticated with a cluster to request a signed certificate through the Kubernetes CSR capability and obtain a credential that could be used to escalate privileges and access ETCD.
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Cloudfoundry | Container Runtime | < 0.29.0 |
References
- https://www.cloudfoundry.org/blog/cve-2019-3779 (Vendor Advisory)
Source: NVD / NIST
