Vulnerability Details CVE-2017-1000056
Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plugin resulting in the ability to make use of any existing PodSecurityPolicy object.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2017-1000056
-
cpe:2.3:a:kubernetes:kubernetes:1.5.0
-
cpe:2.3:a:kubernetes:kubernetes:1.5.1
-
cpe:2.3:a:kubernetes:kubernetes:1.5.2
-
cpe:2.3:a:kubernetes:kubernetes:1.5.3
-
cpe:2.3:a:kubernetes:kubernetes:1.5.4