Vulnerability Details : CVE-2019-12494
In Gardener before 0.20.0, incorrect access control in seed clusters allows information disclosure by sending HTTP GET requests from one's own shoot clusters to foreign shoot clusters. This occurs because traffic from shoot to seed via the VPN endpoint is not blocked.
Vulnerability category: Information leak
Products affected by CVE-2019-12494
- cpe:2.3:a:gardener:gardener:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-12494
- EPSS score: 0.31% (probability of exploitation activity in the next 30 days)
- Percentile: ~51% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2019-12494
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N | 10.0 | 2.9 | NIST | |
8.5 | HIGH | CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H | 1.8 | 6.0 | MITRE | |
7.5 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | 3.9 | 3.6 | NIST | |
References for CVE-2019-12494
- https://github.com/gardener/gardener/pull/874
  Block new incoming connections to seed cluster from vpn tunnel by DockToFuture · Pull Request #874 · gardener/gardener · GitHub (Issue Tracking; Third Party Advisory)
- https://github.com/gardener/vpn/issues/40
  Add firewall rules to vpn-seed pod · Issue #40 · gardener/vpn · GitHub (Third Party Advisory)
- https://groups.google.com/forum/#!topic/gardener/pH6dNIEhv-A
  Gardener Security Announcement - CVE-2019-12494 - Incorrect access control in Gardener, please update to v0.20.0 or higher - Google Groups (Mailing List; Third Party Advisory)