Shallow detection cve 2018 1002105 (#67)

* added the CVE hunter, haven't checked the hunter yet * fixed illegal name for import file * Completed & Tested * subnet scan * Updated description * Updated description * Updated description
2026-05-18 23:31:13 +00:00 · 2018-12-06 00:47:16 +02:00
parent 22a9a16631
commit 3836a8f8c4
1 changed files with 5 additions and 5 deletions
--- a/src/modules/hunting/CVE_2018_1002105.py
+++ b/src/modules/hunting/CVE_2018_1002105.py
@@ -9,10 +9,10 @@ from ...core.events.types import Vulnerability, Event, OpenPortEvent
 from ...core.types import Hunter, ActiveHunter, KubernetesCluster, RemoteCodeExec, AccessRisk, InformationDisclosure, PrivilegeEscalation

 """ Vulnerabilities """
-
-
 class ServerApiVersionEndPointAccess(Vulnerability, Event):
-    """ Accessing the server API within a compromised pod would help an attacker gain full control over the cluster"""
+    """ CVE-2018-1002105
+    Pod is vulnerable to critical CVE-2018-1002105
+"""

    def __init__(self, evidence):
        Vulnerability.__init__(self, KubernetesCluster, name="Critical PrivilegedEscalation CVE", category=PrivilegeEscalation)
@@ -21,8 +21,8 @@ class ServerApiVersionEndPointAccess(Vulnerability, Event):
 # Passive Hunter
@handler.subscribe(OpenPortEvent, predicate=lambda x: x.port == 443 or x.port == 6443)
 class IsVulnerableToCVEAttack(Hunter):
-    """ API Server Hunter
-    Accessing the API server within a compromised pod might grant an attacker full control over the cluster
+    """ CVE-2018-1002105
+    Pod is vulnerable to critical CVE-2018-1002105
    """

    def __init__(self, event):