{"containers":{"cna":{"affected":[{"product":"Kubernetes","vendor":"Kubernetes","versions":[{"status":"affected","version":"prior to 1.13.11"},{"status":"affected","version":"prior to 1.14.7"},{"status":"affected","version":"prior to 1.15.4"},{"status":"affected","version":"1.1"},{"status":"affected","version":"1.2"},{"status":"affected","version":"1.3"},{"status":"affected","version":"1.4"},{"status":"affected","version":"1.5"},{"status":"affected","version":"1.6"},{"status":"affected","version":"1.7"},{"status":"affected","version":"1.8"},{"status":"affected","version":"1.9"},{"status":"affected","version":"1.10"},{"status":"affected","version":"1.11"},{"status":"affected","version":"1.12"}]}],"credits":[{"lang":"en","value":"Erik Sjölund"}],"descriptions":[{"lang":"en","value":"The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. 
An attacker who controls a container that a user copies files from with kubectl cp could thereby write a file of their choosing to a path outside the destination tree on the client running kubectl; the copy must be initiated by the user, and the impact is to integrity only (no data is read back), matching the CVSS vector."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":4.8,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-61","description":"CWE-61: UNIX Symbolic Link (Symlink) Following","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2020-02-03T15:35:13.000Z","orgId":"a6081bf6-c852-4425-ad4f-a67919267565","shortName":"kubernetes"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"https://github.com/kubernetes/kubernetes/issues/87773"},{"name":"Security release of kubectl versions v1.16.0 / 1.15.4 / 1.14.7 and 1.13.11 - CVE-2019-11251","tags":["mailing-list","x_refsource_MLIST"],"url":"https://groups.google.com/d/msg/kubernetes-announce/YYtEFdFimZ4/nZnOezZuBgAJ"}],"source":{"defect":["https://github.com/kubernetes/kubernetes/issues/87773"],"discovery":"USER"},"title":"kubectl cp allows symlink directory traversal","x_generator":{"engine":"Vulnogram 0.0.9"},"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"security@kubernetes.io","ID":"CVE-2019-11251","STATE":"PUBLIC","TITLE":"kubectl cp allows symlink directory traversal"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Kubernetes","version":{"version_data":[{"version_value":"prior to 1.13.11"},{"version_value":"prior to 1.14.7"},{"version_value":"prior to 
1.15.4"},{"version_value":"1.1"},{"version_value":"1.2"},{"version_value":"1.3"},{"version_value":"1.4"},{"version_value":"1.5"},{"version_value":"1.6"},{"version_value":"1.7"},{"version_value":"1.8"},{"version_value":"1.9"},{"version_value":"1.10"},{"version_value":"1.11"},{"version_value":"1.12"}]}}]},"vendor_name":"Kubernetes"}]}},"credit":[{"lang":"eng","value":"Erik Sjölund"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be used to allow an attacker to place a nefarious file using a symlink, outside of the destination tree."}]},"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":4.8,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:H/A:N","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-61: UNIX Symbolic Link (Symlink) Following"}]}]},"references":{"reference_data":[{"name":"https://github.com/kubernetes/kubernetes/issues/87773","refsource":"CONFIRM","url":"https://github.com/kubernetes/kubernetes/issues/87773"},{"name":"Security release of kubectl versions v1.16.0 / 1.15.4 / 1.14.7 and 1.13.11 - 
CVE-2019-11251","refsource":"MLIST","url":"https://groups.google.com/d/msg/kubernetes-announce/YYtEFdFimZ4/nZnOezZuBgAJ"}]},"source":{"defect":["https://github.com/kubernetes/kubernetes/issues/87773"],"discovery":"USER"}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T22:48:09.005Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://github.com/kubernetes/kubernetes/issues/87773"},{"name":"Security release of kubectl versions v1.16.0 / 1.15.4 / 1.14.7 and 1.13.11 - CVE-2019-11251","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://groups.google.com/d/msg/kubernetes-announce/YYtEFdFimZ4/nZnOezZuBgAJ"}]}]},"cveMetadata":{"assignerOrgId":"a6081bf6-c852-4425-ad4f-a67919267565","assignerShortName":"kubernetes","cveId":"CVE-2019-11251","datePublished":"2020-02-03T15:35:13.000Z","dateReserved":"2019-04-17T00:00:00.000Z","dateUpdated":"2024-08-04T22:48:09.005Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}