CVE-2024-5321

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Jul 18, 2024

Updated: Jul 19, 2024

CWE ID 276

Summary

CVE-2024-5321 is a newly disclosed cybersecurity vulnerability affecting Kubernetes clusters with Windows nodes. The issue grants elevated privileges to certain user groups, allowing BUILTIN\Users to access container logs and NT AUTHORITY\Authenticated Users to modify them. This vulnerability could potentially lead to unauthorized data access or manipulation within affected clusters. Organizations utilizing Kubernetes with Windows nodes are advised to apply relevant patches or updates as soon as possible to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Kubernetes

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/xELJN0
https://www.cve.org/CVERecord?id=CVE-2024-5321
https://nvd.nist.gov/vuln/detail/CVE-2024-5321

Back to Vulnerability Database

CVE-2024-5321

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations