CVE-2021-25749
Description
Windows workloads can run as ContainerAdministrator even when those workloads set the runAsNonRoot option to true.
CWE
- CWE-284: Improper Access Control
Affected
- Kubernetes / Kubernetes (kubelet), affected versions:
  - v1.22.0 - v1.22.13 (< v1.22.14)
  - v1.23.0 - v1.23.10 (< v1.23.11)
  - v1.24.0 - v1.24.4 (< v1.24.5)
CVSS
- CVSS 3.1: score 7.8, severity HIGH
- Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References
Source
cvelistV5-main/cves/2021/25xxx/CVE-2021-25749.json