Back to search
CVE-2020-14316
Published: Jul 29, 2020
Modified: Aug 4, 2024
PUBLISHED
Description
A flaw was found in kubevirt 0.29 and earlier. Virtual Machine Instances (VMIs) can be used to gain access to the host's filesystem. Successful exploitation allows an attacker to assume the privileges of the VM process on the host system. In worst-case scenarios an attacker can read and modify any file on the system where the VMI is running. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
| Vendor | Product | Versions |
|---|---|---|
n/a | kubevirt | affected All versions before kubevirt 0.30. |
References
https://bugzilla.redhat.com/show_bug.cgi?id=1848951
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now