CVE-2024-9042

EUVD-2024-54053
This CVE affects only Windows worker nodes. Your worker node is vulnerable to this issue if it is running one of the affected versions listed below.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 MEDIUM
NETWORK
HIGH
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
kubernetesCNA
5.9 MEDIUM
NETWORK
HIGH
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 56%
Debian logo
Debian Releases
Debian Product
Codename
kubernetes
bookworm
1.20.5+really1.20.2-1.1+deb12u1
fixed
bullseye
1.20.5+really1.20.2-1
fixed
forky
1.33.4+ds-1
fixed
sid
1.33.4+ds-1
fixed
trixie
1.32.3+ds-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
kubernetes
focal
not-affected
jammy
not-affected
noble
not-affected
oracular
not-affected
Common Weakness Enumeration
References
https://github.com/kubernetes/kubernetes/issues/129654
https://groups.google.com/g/kubernetes-security-announce/c/9C3vn6aCSVg
http://www.openwall.com/lists/oss-security/2025/01/16/1