From b7222d26e789c994f34c2bca96202d23ccf47775 Mon Sep 17 00:00:00 2001 From: Idan Revivo Date: Mon, 4 Mar 2019 17:05:17 +0200 Subject: [PATCH] cve info change --- src/modules/hunting/cvehunter.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/modules/hunting/cvehunter.py b/src/modules/hunting/cvehunter.py index c9c4060..1141067 100644 --- a/src/modules/hunting/cvehunter.py +++ b/src/modules/hunting/cvehunter.py @@ -22,7 +22,7 @@ class ServerApiVersionEndPointAccessPE(Vulnerability, Event): class ServerApiVersionEndPointAccessDos(Vulnerability, Event): - """Users that are authorized to make patch requests to the Kubernetes API Server can send a specially crafted patch of type json-patch that consumes excessive resources while processing, causing a Denial of Service on the API Server. CVE-2019-1002100""" + """Node not patched for CVE-2019-1002100. Depending on your RBAC settings, a crafted json-patch could cause a Denial of Service.""" def __init__(self, evidence): Vulnerability.__init__(self, KubernetesCluster, name="Denial of Service to Kubernetes API Server", category=DenialOfService)