Privilege Escalation in Kubernetes

🗓️ 24 Apr 2024 20:22:01Reported by GitHub Advisory DatabaseType

Kubernetes privilege escalation risk from unvalidated redirect

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 199
OSV	CGA-XWCG-HGF2-9H79	31 Mar 202516:02	–	osv
OSV	CGA-5HQ3-M8G5-668V	31 Mar 202516:01	–	osv
OSV	CGA-MPMG-4CCR-64V3	31 Mar 202516:05	–	osv
OSV	CGA-C87R-CV5Q-RRQG	31 Mar 202516:03	–	osv
OSV	CGA-PMJ8-QWPW-MC66	31 Mar 202516:01	–	osv
OSV	CGA-68JV-4Q9R-V58Q	31 Mar 202516:02	–	osv
OSV	CGA-HF7V-MM48-P3M9	31 Mar 202516:04	–	osv
OSV	CGA-6688-9F49-CQQM	31 Mar 202516:02	–	osv
OSV	CGA-PGQX-FRHJ-2F4Q	31 Mar 202516:05	–	osv
OSV	CGA-92MX-R6P6-XJ82	31 Mar 202516:02	–	osv

Vulners

Node

k8s.io kubernetesRange1.18.0–1.18.7

k8s.io kubernetesRange1.17.0–1.17.9

k8s.io kubernetesRange<1.16.13

k8s.io apimachineryRange0.18.0–0.18.7

k8s.io apimachineryRange0.17.0–0.17.9

k8s.io apimachineryRange<0.16.13

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-8559
github	www.github.com/kubernetes/kubernetes/issues/92914
github	www.github.com/kubernetes/kubernetes/pull/92941
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
github	www.github.com/tdwyer/CVE-2020-8559
groups	www.groups.google.com/d/msg/kubernetes-security-announce/JAIGG5yNROs/19nHQ5wkBwAJ
groups	www.groups.google.com/g/kubernetes-security-announce/c/JAIGG5yNROs
security	www.security.netapp.com/advisory/ntap-20200810-0004
github	www.github.com/advisories/GHSA-33c5-9fx5-fvjm

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 Apr 2024 20:01Current

7.2High risk

Vulners AI Score7.2

CVSS26

CVSS36.4 - 6.8

EPSS0.61459

CWE-601