Privilege Context Switching Flaw in Kubernetes CRI-O by the Kubernetes Project
CVE-2018-1000400
8.8HIGH
What is CVE-2018-1000400?
The vulnerability in Kubernetes CRI-O prior to version 1.9 is characterized by a privilege context switching error that affects the handling of ambient capabilities. This flaw can potentially allow containers to execute with elevated privileges, which enables users to gain unauthorized capabilities. By exploiting this vulnerability through container execution, attackers could compromise security protocols, highlighting the importance of upgrading to the patched version 1.9 to mitigate this risk.