Skip to main content

Tectonic

1 CVEs product

Monthly

CVE-2018-5256 HIGH This Week

CoreOS Tectonic 1.7.x before 1.7.9-tectonic.4 and 1.8.x before 1.8.4-tectonic.3 mounts a direct proxy to the kubernetes cluster at /api/kubernetes/ which is accessible without authentication to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Kubernetes Information Disclosure Tectonic
NVD
CVSS 3.1
7.5
EPSS
1.7%
EPSS 2% CVSS 7.5
HIGH This Week

CoreOS Tectonic 1.7.x before 1.7.9-tectonic.4 and 1.8.x before 1.8.4-tectonic.3 mounts a direct proxy to the kubernetes cluster at /api/kubernetes/ which is accessible without authentication to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Kubernetes Information Disclosure Tectonic
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy