vulnerability

Red Hat OpenShift: CVE-2019-11255: kubernetes-csi: CSI volume snapshot, cloning and resizing features can result in unauthorized volume data access or mutation

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:N/AC:L/Au:S/C:P/I:P/A:N)	Dec 5, 2019	Dec 12, 2019	Aug 11, 2025

Severity

CVSS

(AV:N/AC:L/Au:S/C:P/I:P/A:N)

Published

Dec 5, 2019

Added

Dec 12, 2019

Modified

Aug 11, 2025

Description

Improper input validation in Kubernetes CSI sidecar containers for external-provisioner (<v0.4.3, <v1.0.2, v1.1, <v1.2.2, <v1.3.1), external-snapshotter (<v0.4.2, <v1.0.2, v1.1, <1.2.2), and external-resizer (v0.1, v0.2) could result in unauthorized PersistentVolume data access or volume mutation during snapshot, restore from snapshot, cloning and resizing operations.

Solution

linuxrpm-upgrade-openshift-external-storage

References

CVE-2019-11255
https://attackerkb.com/topics/CVE-2019-11255
CWE-20
REDHAT-RHSA-2019:4054
REDHAT-RHSA-2019:4096
REDHAT-RHSA-2019:4099
REDHAT-RHSA-2019:4225

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today