CVE-2020-8554 Kubernetes man in the middle using LoadBalancer or ExternalIPs

2021-01-2117:09:21

CWE-283

kubernetes

www.cve.org

kubernetes

cve-2020-8554

man-in-the-middle

loadbalancer

externalips

clusterip

patching

privileged operation

CVSS3

6.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

AI Score

6.2

Confidence

High

EPSS

0.002

Percentile

62.1%

JSON

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.

CNA Affected

[
  {
    "product": "Kubernetes",
    "vendor": "Kubernetes",
    "versions": [
      {
        "status": "affected",
        "version": "Kubernetes all versions"
      }
    ]
  }
]