logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2020-8559

Description

The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.


Affected Software


CPE Name Name Version
kubernetes:kubernetes kubernetes 1.18.6
kubernetes:kubernetes kubernetes 1.15.0
kubernetes:kubernetes kubernetes 1.17.9
kubernetes:kubernetes kubernetes 1.16.13

Related