Security News > 2024 > October > Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk

Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk
2024-10-17 05:18

A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances. The vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), has been addressed in version 0.1.38. The project maintainers acknowledged Nicolai Rybnikar for discovering and reporting the vulnerability. "A security issue


News URL

https://thehackernews.com/2024/10/critical-kubernetes-image-builder.html

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-10-15 CVE-2024-9486 Use of Hard-coded Credentials vulnerability in Kubernetes Image Builder
A security issue was discovered in the Kubernetes Image Builder versions <= v0.1.37 where default credentials are enabled during the image build process.
network
low complexity
kubernetes CWE-798
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Kubernetes 19 5 45 34 8 92