Ubuntu.comUB:CVE-2020-8558CVE-2020-8558
8.8 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.8 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
45.7%
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10,
1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue
which allows adjacent hosts to reach TCP and UDP services bound to
127.0.0.1 running on the node or in the node’s network namespace. Such a
service is generally thought to be reachable only by other processes on the
same host, but due to this defeect, could be reachable by other hosts on
the same LAN as the node, or by containers running on the same node as the
service.
Notes
| Author | Note |
|---|---|
| leosilva | kubernates is in fact a kubernetes installer that calls snap, not the package it self. |
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 20.04 | noarch | kubernetes | < any | UNKNOWN |
| ubuntu | 22.04 | noarch | kubernetes | < any | UNKNOWN |
| ubuntu | 23.10 | noarch | kubernetes | < any | UNKNOWN |
Related
8.8 High
CVSS3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
5.8 Medium
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
45.7%