CVE-2020-8554

Source
https://nvd.nist.gov/vuln/detail/CVE-2020-8554
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-8554.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-8554
Aliases
Related
Published
2021-01-21T17:15:13Z
Modified
2024-12-10T16:53:01.381813Z
Severity
  • 5.0 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS Calculator
Summary
[none]
Details

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.

References

Affected packages

Git / github.com/kubernetes/kubelet

Affected ranges

Type
GIT
Repo
https://github.com/kubernetes/kubelet
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Last affected
Type
GIT
Repo
https://github.com/kubernetes/kubernetes
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected

Affected versions

kubernetes-1.*

kubernetes-1.10.0-alpha.0
kubernetes-1.10.0-alpha.1
kubernetes-1.10.0-alpha.2
kubernetes-1.10.0-alpha.3
kubernetes-1.11.0-alpha.0
kubernetes-1.11.0-alpha.1
kubernetes-1.11.0-alpha.2
kubernetes-1.12.0-alpha.0
kubernetes-1.12.0-alpha.1
kubernetes-1.12.0-beta.0
kubernetes-1.13.0-alpha.0
kubernetes-1.14.0
kubernetes-1.14.0-beta.2
kubernetes-1.14.0-rc.1
kubernetes-1.14.1-beta.0
kubernetes-1.9.0-alpha.0
kubernetes-1.9.0-alpha.1
kubernetes-1.9.0-alpha.2
kubernetes-1.9.0-alpha.3

v0.*

v0.10.0
v0.11.0
v0.12.0
v0.13.0
v0.13.1-dev
v0.14.0
v0.14.1
v0.15.0
v0.16.0
v0.16.1
v0.16.2
v0.17.0
v0.17.1
v0.18.0
v0.18.1
v0.18.2
v0.19.0
v0.19.1
v0.19.2
v0.19.3
v0.2
v0.20.0
v0.20.1
v0.20.2
v0.21.0
v0.21.1
v0.21.2
v0.3
v0.4
v0.5
v0.6.0
v0.7.0
v0.8.0
v0.9.0

v1.*

v1.0.0
v1.1.0-alpha.0
v1.1.0-alpha.1
v1.2.0
v1.2.0-alpha.1
v1.2.0-alpha.2
v1.2.0-alpha.3
v1.2.0-alpha.4
v1.2.0-alpha.5
v1.2.0-alpha.6
v1.2.0-alpha.7
v1.2.0-alpha.8
v1.2.0-beta.0
v1.2.0-beta.1
v1.2.1
v1.2.1-beta.0
v1.3.0-alpha.0