Lucene search

CVE-2020-8567

🗓️ 21 Jan 2021 17:14:15Reported by [email protected]Type

Kubernetes Secrets Store CSI Driver vulnerability allows writing to arbitrary file paths on host filesyste

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
OSV	CVE-2020-8567	21 Jan 202117:15	–	osv
OSV	GHSA-2V35-WJ4R-RCMV Kubernetes Secrets Store CSI Driver plugins arbitrary file write	24 May 202217:40	–	osv
OSV	GO-2024-2750 Kubernetes Secrets Store CSI Driver plugins arbitrary file write in github.com/Azure/secrets-store-csi-driver-provider-azure	5 Jun 202415:10	–	osv
Cvelist	CVE-2020-8567 Kubernetes Secrets Store CSI Driver plugin directory traversals	21 Jan 202117:09	–	cvelist
GitLab Advisory Database	Kubernetes Secrets Store CSI Driver plugins arbitrary file write	24 May 202200:00	–	gitlab
GitLab Advisory Database	Kubernetes Secrets Store CSI Driver plugins arbitrary file write	24 May 202200:00	–	gitlab
Github Security Blog	Kubernetes Secrets Store CSI Driver plugins arbitrary file write	24 May 202217:40	–	github
CVE	CVE-2020-8567	21 Jan 202117:15	–	cve
Prion	Code injection	21 Jan 202117:15	–	prion

Nvd

Node

google secret_manager_provider_for_secret_store_csi_driverRange<0.2.0kubernetes

Node

hashicorp vault_provider_for_secrets_store_csi_driverRange<0.0.6kubernetes

Node

microsoft azure_key_vault_provider_for_secrets_store_csi_driverRange<0.0.10kubernetes

Source	Link
groups	www.groups.google.com/g/kubernetes-secrets-store-csi-driver/c/BI2qisiNXHY
github	www.github.com/kubernetes-sigs/secrets-store-csi-driver/issues/384

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

21 Jan 2021 17:15Current

5.5Medium risk

Vulners AI Score5.5

CVSS24

CVSS36.5

EPSS0.00715