CVE-2020-8559

2020-07-22T14:15:00
ID CVE-2020-8559
Type cve
Reporter cve@mitre.org
Modified 2020-07-27T15:47:00

Description

The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.