CVE-2019-9946: Kubernetes affecting certain network configurations with CNI


Severity

Medium

Vendor

Pivotal Cloud Foundry

Description

A security issue was discovered in the interaction between Kubernetes and versions of the CNI (Container Networking Interface) portmap plugin prior to 0.7.5. Because the CNI portmap plugin is embedded in Kubernetes releases, fixing the issue requires a new Kubernetes release. The issue is rated Medium, and if this plugin is used in your environment, upgrading to Kubernetes 1.11.9, 1.12.7, 1.13.5, or 1.14.0 is encouraged.

Affected Pivotal Products and Versions

Severity is medium unless otherwise noted.

  • Pivotal Container Service (PKS)
    • versions 1.2.x prior to 1.2.11
    • versions 1.3.x prior to 1.3.5

Mitigation

Users of affected versions should apply the following mitigation:

  • Pivotal recommends upgrading the following releases:
    • Pivotal Container Service (PKS)
      • Upgrade 1.2.x versions to 1.2.11 or greater
      • Upgrade 1.3.x versions to 1.3.5 or greater

History

2019-04-01: Initial vulnerability report published