CVSS v3.1 Statistics for Kubernetes as of 11/09/2024
0
320
40
274
Reference
0-69.9%
|
Contributor |
85.6
Contributor
70-94.9%
Provider
95-100%
CVE | CNA Value | Alignment | NIST Value | Reason |
---|---|---|---|---|
CVE-2020-8554 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | ≠ | Attack Complexity (AC) High | MiTM scenario identified | |
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) Low | Confidentiality (C) Low | |||
Integrity (I) Low | Integrity (I) Low | |||
Availability (A) Low | Availability (A) Low | |||
CVE-2020-8561 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) High | Privileges Required (PR) High | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Changed | Scope (S) Changed | |||
Confidentiality (C) Low | Confidentiality (C) Low | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2020-8562 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | Attack Complexity (AC) High | |||
Privileges Required (PR) High | ≠ | Privileges Required (PR) Low | Privilege level not clearly identified to qualify as HIGH (typically "root" or "administrator") | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) Low | Confidentiality (C) Low | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2020-8565 (7 of 8) | Attack Vector (AV) Local | Attack Vector (AV) Local | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2020-8566 (7 of 8) | Attack Vector (AV) Local | Attack Vector (AV) Local | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2020-8567 (4 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Changed | ≠ | Scope (S) Unchanged | Unclear if Scope change occurs. No identification of security boundaries being crossed. | |
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) Low | ≠ | Integrity (I) High | No limiting factors for integrity listed | |
Availability (A) Low | ≠ | Availability (A) None | No availability impacts identified | |
CVE-2020-8568 (5 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) High | Privileges Required (PR) High | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Changed | ≠ | Scope (S) Unchanged | Unclear if Scope change occurs. No identification of security boundaries being crossed. | |
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) None | ≠ | Integrity (I) High | No limiting factors for integrity listed | |
Availability (A) None | Availability (A) None | |||
CVE-2020-8569 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) Low | ≠ | Availability (A) High | No limiting factors for availability listed | |
CVE-2021-25735 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) High | Privileges Required (PR) High | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2021-25736 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | Attack Complexity (AC) High | |||
Privileges Required (PR) High | ≠ | Privileges Required (PR) Low | Privilege level not clearly identified to qualify as HIGH (typically "root" or "administrator") | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Changed | Scope (S) Changed | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2021-25737 (5 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) High | Privileges Required (PR) High | |||
User Interaction (UI) None | ≠ | User Interaction (UI) Required | User Interaction not identified | |
Scope (S) Unchanged | ≠ | Scope (S) Changed | Security boundary cross identified | |
Confidentiality (C) Low | Confidentiality (C) Low | |||
Integrity (I) None | ≠ | Integrity (I) Low | No limiting factors for integrity listed | |
Availability (A) None | Availability (A) None | |||
CVE-2021-25738 (8 of 8) | Attack Vector (AV) Local | Attack Vector (AV) Local | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) High | Privileges Required (PR) High | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2021-25740 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | Attack Complexity (AC) High | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) Low | Confidentiality (C) Low | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2021-25741 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | ≠ | Availability (A) None | No availability impacts identified | |
CVE-2021-25742 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) Low | Integrity (I) Low | |||
Availability (A) Low | ≠ | Availability (A) None | No availability impacts identified | |
CVE-2021-25743 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | Attack Complexity (AC) High | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) Required | User Interaction (UI) Required | |||
Scope (S) Changed | Scope (S) Changed | |||
Confidentiality (C) None | Confidentiality (C) None | |||
Integrity (I) Low | Integrity (I) Low | |||
Availability (A) None | Availability (A) None | |||
CVE-2021-25745 (6 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) Low | ≠ | Integrity (I) High | No limiting factors for integrity listed | |
Availability (A) Low | ≠ | Availability (A) None | No availability impacts identified | |
CVE-2021-25746 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) Low | Integrity (I) Low | |||
Availability (A) Low | ≠ | Availability (A) None | No availability impacts identified | |
CVE-2021-25748 (6 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) Low | ≠ | Integrity (I) None | No integrity impacts identified | |
Availability (A) Low | ≠ | Availability (A) None | No availability impacts identified | |
CVE-2021-25749 (8 of 8) | Attack Vector (AV) Local | Attack Vector (AV) Local | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-2385 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) None | ≠ | Availability (A) High | No limiting factors for availability listed | |
CVE-2022-3162 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2022-3172 (4 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) High | ≠ | Privileges Required (PR) None | No privileges needed by attacker identified by NVD analyst | |
User Interaction (UI) Required | User Interaction (UI) Required | |||
Scope (S) Changed | Scope (S) Changed | |||
Confidentiality (C) Low | ≠ | Confidentiality (C) High | No limiting factors for confidentiality listed | |
Integrity (I) Low | Integrity (I) Low | |||
Availability (A) Low | ≠ | Availability (A) None | No availability impacts identified | |
CVE-2022-3294 (6 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) High | ≠ | Attack Complexity (AC) Low | No Race Condition, implementation specific secrets required or MiTM identified for NVD analyst | |
Privileges Required (PR) High | ≠ | Privileges Required (PR) Low | Attacker as "user" is mentioned, but not identified as high privileges | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2022-4886 (6 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | ≠ | Integrity (I) None | No integrity impacts identified | |
Availability (A) High | ≠ | Availability (A) None | No availability impacts identified | |
CVE-2023-1174 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-1943 (7 of 8) | Attack Vector (AV) Adjacent Network | Attack Vector (AV) Adjacent Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | ≠ | Privileges Required (PR) None | No privileges needed by attacker identified by NVD analyst | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-1944 (7 of 8) | Attack Vector (AV) Local | Attack Vector (AV) Local | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | ≠ | Privileges Required (PR) Low | Local attacker typically implies some privilege level needed | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-2431 (5 of 8) | Attack Vector (AV) Local | Attack Vector (AV) Local | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) High | ≠ | Privileges Required (PR) Low | Attacker as "user" is mentioned, but not identified as high privileges | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) Low | ≠ | Confidentiality (C) None | No confidentiality impacts identified | |
Integrity (I) Low | ≠ | Integrity (I) High | No limiting factors for integrity listed | |
Availability (A) None | Availability (A) None | |||
CVE-2023-2727 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) High | Privileges Required (PR) High | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) None | Availability (A) None | |||
CVE-2023-2728 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) High | Privileges Required (PR) High | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) None | Availability (A) None | |||
CVE-2023-2878 (7 of 8) | Attack Vector (AV) Local | Attack Vector (AV) Local | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Changed | ≠ | Scope (S) Unchanged | Unclear if Scope change occurs. No identification of security boundaries being crossed. | |
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) None | Integrity (I) None | |||
Availability (A) None | Availability (A) None | |||
CVE-2023-3676 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-3893 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-3955 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2023-5043 (6 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) Low | ≠ | Integrity (I) High | No limiting factors for integrity listed | |
Availability (A) Low | ≠ | Availability (A) High | No limiting factors for availability listed | |
CVE-2023-5044 (6 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) Low | Privileges Required (PR) Low | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) Low | ≠ | Integrity (I) High | No limiting factors for integrity listed | |
Availability (A) Low | ≠ | Availability (A) High | No limiting factors for availability listed | |
CVE-2023-5528 (7 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) High | ≠ | Privileges Required (PR) Low | Attacker as "user" is mentioned, but not identified as high privileges | |
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2024-9486 (8 of 8) | Attack Vector (AV) Network | Attack Vector (AV) Network | ||
Attack Complexity (AC) Low | Attack Complexity (AC) Low | |||
Privileges Required (PR) None | Privileges Required (PR) None | |||
User Interaction (UI) None | User Interaction (UI) None | |||
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High | |||
CVE-2024-9594 (5 of 8) | Attack Vector (AV) Adjacent Network | ≠ | Attack Vector (AV) Network | Applied AV:N due to lack of available Information for NVD Analyst |
Attack Complexity (AC) High | Attack Complexity (AC) High | |||
Privileges Required (PR) High | ≠ | Privileges Required (PR) None | No privileges needed by attacker identified by NVD analyst | |
User Interaction (UI) Required | ≠ | User Interaction (UI) None | User Interaction not identified | |
Scope (S) Unchanged | Scope (S) Unchanged | |||
Confidentiality (C) High | Confidentiality (C) High | |||
Integrity (I) High | Integrity (I) High | |||
Availability (A) High | Availability (A) High |