CVE-2019-11248

HIGH EXPLOITED NUCLEI

Kubernetes < 1.12.10, 1.13.8, 1.14.4, 1.15.0 - Unauthenticated Information Disclosure via /debug/pprof Endpoint

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2019-11248 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.

Description

The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially leak sensitive information such as internal Kubelet memory addresses and configuration, or for limited denial of service. Versions prior to 1.15.0, 1.14.4, 1.13.8, and 1.12.10 are affected. The issue is of medium severity, but not exposed by the default configuration.

Nuclei Templates (1)

Debug Endpoint pprof - Exposure Detection
HIGHby 0xceeb,ritikchaddha
Shodan: http.title:"kubernetes web view"
FOFA: title="kubernetes web view" || app="kubernetes-enterprise-manager"

References (3)

Core 3
Core References
Patch, Third Party Advisory x_refsource_confirm
https://github.com/kubernetes/kubernetes/issues/81023
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://groups.google.com/d/msg/kubernetes-security-announce/pKELclHIov8/BEDtRELACQAJ
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20190919-0003/

Scores

CVSS v3 8.2
EPSS 0.9121
EPSS Percentile 99.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L

Details

VulnCheck KEV 2023-11-27
CWE
CWE-862 CWE-419
Status published
Products (16)
kubernetes/kubernetes 1.13.0 (10 CPE variants)
kubernetes/kubernetes 1.13.1 (2 CPE variants)
kubernetes/kubernetes 1.13.2 (2 CPE variants)
kubernetes/kubernetes 1.13.3 (2 CPE variants)
kubernetes/kubernetes 1.13.4 (2 CPE variants)
kubernetes/kubernetes 1.13.5 (2 CPE variants)
kubernetes/kubernetes 1.13.6 (2 CPE variants)
kubernetes/kubernetes 1.13.7 (2 CPE variants)
kubernetes/kubernetes 1.13.8 beta.0
kubernetes/kubernetes 1.14.0 (9 CPE variants)
... and 6 more
Published Aug 29, 2019
Tracked Since Feb 18, 2026