Insecure API Access in Docker-Kubic Package in SUSE CaaS Platform 3.0

CVE-2019-3682 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node.

Learn more about our Cis Benchmark Audit For Docker.