{"containers":{"cna":{"affected":[{"product":"Kubernetes","vendor":"Kubernetes","versions":[{"lessThan":"unspecified","status":"affected","version":"v1.6.0","versionType":"custom"},{"lessThanOrEqual":"v1.6.5","status":"affected","version":"unspecified","versionType":"custom"}]}],"descriptions":[{"lang":"en","value":"Default access permissions for Persistent Volumes (PVs) created by the Kubernetes Azure cloud provider in versions 1.6.0 to 1.6.5 are set to \"container\" which exposes a URI that can be accessed without authentication on the public internet. Access to the URI string requires privileged access to the Kubernetes cluster or authenticated access to the Azure portal."}],"problemTypes":[{"descriptions":[{"description":"Insecure Permissions","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-09-14T13:00:00.000Z","orgId":"a6081bf6-c852-4425-ad4f-a67919267565","shortName":"kubernetes"},"references":[{"tags":["x_refsource_MISC"],"url":"https://groups.google.com/d/msg/kubernetes-security-announce/n3VBg_WJZic/-ddIqKXqAAAJ"},{"tags":["x_refsource_MISC"],"url":"https://github.com/kubernetes/kubernetes/issues/47611"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"jordan@liggitt.net","ID":"CVE-2017-1002100","REQUESTER":"kubernetes-security@googlegroups.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Kubernetes","version":{"version_data":[{"version_affected":">=","version_value":"v1.6.0"},{"version_affected":"<=","version_value":"v1.6.5"}]}}]},"vendor_name":"Kubernetes"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Default access permissions for Persistent Volumes (PVs) created by the Kubernetes Azure cloud provider in versions 1.6.0 to 1.6.5 are set to \"container\" which exposes a URI that can be accessed without authentication on the public internet. Access to the URI string requires privileged access to the Kubernetes cluster or authenticated access to the Azure portal."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Insecure Permissions"}]}]},"references":{"reference_data":[{"name":"https://groups.google.com/d/msg/kubernetes-security-announce/n3VBg_WJZic/-ddIqKXqAAAJ","refsource":"MISC","url":"https://groups.google.com/d/msg/kubernetes-security-announce/n3VBg_WJZic/-ddIqKXqAAAJ"},{"name":"https://github.com/kubernetes/kubernetes/issues/47611","refsource":"MISC","url":"https://github.com/kubernetes/kubernetes/issues/47611"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-05T22:00:41.665Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"https://groups.google.com/d/msg/kubernetes-security-announce/n3VBg_WJZic/-ddIqKXqAAAJ"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://github.com/kubernetes/kubernetes/issues/47611"}]}]},"cveMetadata":{"assignerOrgId":"a6081bf6-c852-4425-ad4f-a67919267565","assignerShortName":"kubernetes","cveId":"CVE-2017-1002100","datePublished":"2017-09-14T13:00:00.000Z","dateReserved":"2017-09-14T00:00:00.000Z","dateUpdated":"2024-09-16T16:53:57.251Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}