[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":17,"vulnerability-23750":24},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},["Island",18],{"key":19,"params":20,"result":22},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":21},"{\"text-color\":\"gray\"}",{"head":23},{},{"id":25,"detectable_with":26,"vuln_details":31,"vuln_id":45,"name":46,"published":47,"updated":47},23750,{"tool":27,"engine":30},{"id":28,"name":29},3,"Kubernetes Scanner",null,{"id":25,"codename":30,"description":32,"severity":33,"risk_description":34,"public_description":35,"public_recommendation":36,"recommendation":37,"references":38,"cvssv3":30,"epss_score":30,"epss_percentile":30,"cve":30,"in_cisa_catalog":41,"date":30,"software_type":42,"vendor":43,"product":44,"ptt_exploit_capabilities":30},"We have found that Kubernetes uses /var/log/pods on nodes to store Pod log files. When kubectl logs is run, the kubelet fetches the pod logs from that directory. If a container has write access to /var/log, it can create arbitrary files or symlink to other files on the host, and those would be read by the kubelet when a user executes kubectl logs.","medium","The risk exists that a remote attacker may escalate their privileges using this attack vector.","If Kubernetes uses /var/log/pods on nodes to store Pod log files, it is crucial to ensure that the directory has adequate storage and proper access permissions. When kubectl logs is run, the kubelet fetches the pod logs from that directory. If a container has write access to /var/log, it can create arbitrary files or symlink to other files on the host, and those would be read by the kubelet when a user executes kubectl logs.","Disallow writable host mounts to /var/log using a Kubernetes Pod Security Policy with the AllowedHostPaths setting.","We recommend disallowing writable host mounts to /var/log using a Kubernetes Pod Security Policy with the AllowedHostPaths setting.",[39,40],"https://kubernetes.io/","https://kubernetes.io/docs/concepts/security/",false,"Container Orchestration System","CNCF","Kubernetes","KUBESCAN-VULNERABILITY-POD-WITH-UNSAFE-MOUNT","Pod With Mount To /var/log","2024-07-02T00:00:00Z"]