CVE-2020-8563

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-8563

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-8563.json

Aliases

• GHSA-5xfg-wv98-264m

Published

2020-12-07T22:15:21Z

Modified

2024-05-13T22:24:54Z

Summary

[none]

Details

In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log. This affects < v1.19.3.

References

• https://security.netapp.com/advisory/ntap-20210122-0006/
• https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ
• https://github.com/kubernetes/kubernetes/issues/95621