Lucene search
+L

8 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/04/25 6:34 p.m.20 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to information disclosure in Kubernetes [CVE-2021-25740]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to information disclosure in Kubernetes, caused by a confused deputy attack. CVE-2021-25740. Kubernetes is included as part of the utilities used by our Speech Services. This vulnerabilitiy has been addressed...

3.5CVSS3.8AI score0.01952EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/03 3:48 p.m.36 views

Security Bulletin: IBM InfoSphere Information Server is affected by an information disclosure vulnerability in Kubernetes (CVE-2021-25740)

Summary An information disclosure vulnerability in Kubernetes used by IBM InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2021-25740 DESCRIPTION: Kubernetes could allow a remote authenticated attacker to obtain sensitive information, caused by a confused deputy attack...

3.1CVSS3.9AI score0.01952EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2022/06/08 10:1 p.m.20 views

Security Bulletin: IBM Cloud Kubernetes Service is affected by an endpoint resource security design flaw in Kubernetes (CVE-2021-25740)

Summary IBM Cloud Kubernetes Service is affected by an endpoint resource security design flaw in Kubernetes. If a potential attacker can create or edit Endpoints or EndpointSlices in the Kubernetes API, they can potentially direct a LoadBalancer or Ingress implementation to expose backend IPs the...

3.5CVSS4.8AI score0.01952EPSS
Exploits0Affected Software1
OSV
OSV
added 2021/09/20 5:15 p.m.1 views

DEBIAN-CVE-2021-25740

A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack...

3.1CVSS5.1AI score0.01952EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2021/09/20 5:15 p.m.90 views

CVE-2021-25740

A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack...

3.5CVSS6.3AI score0.01952EPSS
Exploits0References2
CVE
CVE
added 2021/09/20 5:5 p.m.96 views

CVE-2021-25740

CVE-2021-25740: Kubernetes could allow a remote authenticated attacker to disclose backend IPs by abusing Endpoints/EndpointSlices via a confused deputy attack. Affected: Kubernetes API usage; impact is information disclosure (low to moderate CVSS v3.1 3.1). Root cause: misused permissions enabli...

3.5CVSS3.4AI score0.01952EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2021/09/20 5:5 p.m.31 views

CVE-2021-25740

A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack...

3.5CVSS4.1AI score0.01952EPSS
Exploits0
Circl
Circl
added 2021/07/15 7:58 a.m.11 views

CVE-2021-25740

creationtimestamp| type| source ---|---|--- 2021-07-15 07:58:12+00:00| seen| https://t.me/k8security/344 2025-09-30 00:13:36+00:00| seen| https://bsky.app/profile/bluesky.awakari.com/post/3lzzajsf24423 2025-09-30 15:56:04+00:00| seen| https://bsky.app/profile/kubernetes.dev/post/3m22v6zsv7i2o...

3.5CVSS6.2AI score0.01952EPSS
Exploits0References8
Rows per page
Query Builder