Misconfiguration Of LoadBalancer Service

github.com/kubernetes/kubernetes is vulnerable to Misconfiguration of LoadBalancer Service. The vulnerability is present in the proxier.go. In the context of Kube-proxy on Windows, there is an issue where it can inadvertently forward traffic to local processes that are listening on the same port ...

CVE-2021-25736

Kube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port “spec.ports.port” as a LoadBalancer Service when the LoadBalancer controller does not set the “status.loadBalancer.ingress.ip” field. Clusters where the LoadBalancer controller sets the...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Container Platform for Windows Containers 3.0.0 security and bug fix update

The components for Red Hat OpenShift Container Platform for Windows Containers 3.0.0 are now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

CVE-2020-8554

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status which is considered a privileged operation and should not...

Code injection

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status which is considered a privileged operation and should not...

CVE-2020-8554

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status which is considered a privileged operation and should not...

Incorrect Authorization

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status which is considered a privileged operation and should not...

PT-2020-20205

Name of the Vulnerable Software and Affected Versions Kubernetes API server versions prior to a fixed version the fixed version is not specified Description The issue allows an attacker who can create a ClusterIP service and set the spec.externalIPs field to intercept traffic to that IP address...