How to detect Kubernetes vulnerability CVE-2019-11246 using Falco

Tue, 09/07/2019 - 09:00
sysdig

A recent CNCF-sponsored Kubernetes security audit uncovered CVE-2019-11246, a high-severity vulnerability affecting the command-line kubectl tool. If exploited, it could lead to a directory traversal, allowing a malicious container to replace or create files on a user’s workstation. This vulnerability stemmed from an incomplete fix of a previously disclosed vulnerability (CVE-2019-1002101). Are you vulnerable? Run kubectl version --client and if it does not say client version 1.12.9, 1.13.6, or 1.14.2 or newer, you are running a vulnerable version.
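The version check above, as an added shell example (not code from the original post): it classifies a client version against the three fixed releases the article names. It assumes "or newer" is meant per release line (so 1.13.0 is still vulnerable), that minors older than 1.12 are vulnerable and minors newer than 1.14 are patched; the function names and sample output lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify a kubectl client version for CVE-2019-11246 using the
# fixed releases named in the article (1.12.9, 1.13.6, 1.14.2).

# Extract MAJOR.MINOR.PATCH from `kubectl version --client` output
# (handles the long version.Info{...} form and the short "v1.x.y" form).
extract_client_version() {
    printf '%s\n' "$1" | grep -i 'client version' \
        | grep -o 'v[0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*' | head -n 1 | sed 's/^v//'
}

# Prints patched / vulnerable / unknown; exit status 0 / 1 / 2.
# Assumption: "or newer" applies within each minor release line.
cve_2019_11246_status() {
    ver=${1#v}
    case "$ver" in
        [0-9]*.[0-9]*.[0-9]*) ;;
        *) echo unknown; return 2 ;;
    esac
    major=${ver%%.*}; rest=${ver#*.}
    minor=${rest%%.*}; patch=${rest#*.}
    patch=${patch%%[!0-9]*}            # drop suffixes such as "-beta.1"
    for n in "$major" "$minor" "$patch"; do
        case "$n" in ''|*[!0-9]*) echo unknown; return 2 ;; esac
    done
    if [ "$major" -gt 1 ]; then fixed=0
    elif [ "$major" -lt 1 ]; then echo vulnerable; return 1
    else
        case "$minor" in
            12) fixed=9 ;;             # first fixed 1.12.x
            13) fixed=6 ;;             # first fixed 1.13.x
            14) fixed=2 ;;             # first fixed 1.14.x
            *)  if [ "$minor" -gt 14 ]; then fixed=0
                else echo vulnerable; return 1; fi ;;
        esac
    fi
    # Numeric comparison, so 1.12.10 sorts after 1.12.9.
    if [ "$patch" -ge "$fixed" ]; then echo patched
    else echo vulnerable; return 1; fi
}

# Constructed sample outputs (not captured from a real workstation).
SAMPLE_LONG='Client Version: version.Info{Major:"1", Minor:"13", GitVersion:"v1.13.5", GoVersion:"go1.11.5", Platform:"linux/amd64"}'
SAMPLE_SHORT='Client Version: v1.14.2'
for out in "$SAMPLE_LONG" "$SAMPLE_SHORT"; do
    v=$(extract_client_version "$out")
    printf '%s -> %s\n' "$v" "$(cve_2019_11246_status "$v")"
done
```

On a workstation, pass the real output instead of the samples: `cve_2019_11246_status "$(extract_client_version "$(kubectl version --client)")"`.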