CVE-2020-8558 – Kubernetes node setting allows for neighboring hosts to bypass localhost boundary
https://notcve.org/view.php?id=CVE-2020-8558
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but due to this defeect, could be reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service. Se encontró que los componentes Kubelet y kube-proxy en las versiones 1.1.0-1.16.10, 1.17.0-1.17.6 y 1.18.0-1.18.3, contienen un problema de seguridad que permite a los hosts adyacentes alcanzar los servicios TCP y UDP vinculados a la versión 127.0.0.1, que se ejecutan en el nodo o en el espacio de nombres de red del nodo. Dicho servicio se considera generalmente que puede ser alcanzado solo por otros procesos en el mismo host, pero debido a esta defensa, podrían ser alcanzados por otros hosts en la misma LAN que el nodo o por contenedores que se ejecutan en el mismo nodo que el servicio A flaw was found in Kubernetes that allows attackers on adjacent networks to reach services exposed on localhost ports, previously thought to be unreachable. This flaw allows an attacker to gain privileges or access confidential information for any services listening on localhost ports that are not protected by authentication. • https://github.com/kubernetes/kubernetes/issues/92315 https://groups.google.com/g/kubernetes-announce/c/sI4KmlH3S2I/m/TljjxOBvBQAJ https://security.netapp.com/advisory/ntap-20200821-0001 https://access.redhat.com/security/cve/CVE-2020-8558 https://bugzilla.redhat.com/show_bug.cgi?id=1843358 • CWE-300: Channel Accessible by Non-Endpoint CWE-420: Unprotected Alternate Channel •
CVE-2020-8555 – Kubernetes kube-controller-manager SSRF
https://notcve.org/view.php?id=CVE-2020-8555
The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery (SSRF) that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master's host network (such as link-local or loopback services). El Kubernetes kube-controller-manager en las versiones v1.0-1.14, versiones anteriores a v1.15.12, v1.16.9, v1.17.5 y v1.18.0, son vulnerables a un ataque de tipo Server Side Request Forgery (SSRF) que permite que determinados usuarios autorizados pierdan hasta 500 bytes de información arbitraria de endpoints desprotegidos dentro de la red host del maestro (tales como los servicios link-local o loopback) A server side request forgery (SSRF) flaw was found in Kubernetes. The kube-controller-manager allows authorized users with the ability to create StorageClasses or certain Volume types to leak up to 500 bytes of arbitrary information from the master's host network. This can include secrets from the kube-apiserver through the unauthenticated localhost port (if enabled). • http://www.openwall.com/lists/oss-security/2020/06/01/4 http://www.openwall.com/lists/oss-security/2021/05/04/8 https://github.com/kubernetes/kubernetes/issues/91542 https://groups.google.com/d/topic/kubernetes-security-announce/kEK27tqqs30/discussion https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX https://security.netapp.com/advisory/ntap-20200724-0005 https://access.redhat.com/security/cve/CVE-2020-8555 https://bugzil • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2019-11254 – Kubernetes API Server denial of service vulnerability from malicious YAML payloads
https://notcve.org/view.php?id=CVE-2019-11254
The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML. El componente Kubernetes API Server en versiones 1.1-1.14 y versiones anteriores a 1.15.10, 1.16.7 y 1.17.3, permite a un usuario autorizado que envía cargas maliciosas de YAML causar que el kube-apiserver consuma ciclos de CPU excesivos mientras analiza YAML. • https://github.com/kubernetes/kubernetes/issues/89535 https://groups.google.com/d/msg/kubernetes-announce/ALL9s73E5ck/4yHe8J-PBAAJ https://security.netapp.com/advisory/ntap-20200413-0003 https://access.redhat.com/security/cve/CVE-2019-11254 https://bugzilla.redhat.com/show_bug.cgi?id=1819486 • CWE-400: Uncontrolled Resource Consumption CWE-1050: Excessive Platform Resource Consumption within a Loop •
CVE-2020-8552 – Kubernetes API server denial of service
https://notcve.org/view.php?id=CVE-2020-8552
The Kubernetes API server component in versions prior to 1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via successful API requests. Se detectó que el componente servidor de la API Kubernetes en versiones anteriores a 1.15.9, versiones 1.16.0-1.16.6 y versiones 1.17.0-1.17.2, es vulnerable a un ataque de denegación de servicio versiones por medio de unas peticiones de la API con éxito. A denial of service vulnerability was found in the Kubernetes API server. This flaw allows a remote attacker to send repeated, crafted HTTP requests to exhaust available memory and cause a crash. • https://github.com/kubernetes/kubernetes/issues/89378 https://groups.google.com/forum/#%21topic/kubernetes-security-announce/2UOlsba2g0s https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX https://security.netapp.com/advisory/ntap-20200413-0003 https://access.redhat.com/security/cve/CVE-2020-8552 https://bugzilla.redhat.com/show_bug.cgi?id=1797909 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling CWE-789: Memory Allocation with Excessive Size Value •
CVE-2020-8551 – Kubernetes kubelet denial of service
https://notcve.org/view.php?id=CVE-2020-8551
The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on port 10250. Se detectó que el componente Kubelet en versiones 1.15.0-1.15.9, versiones 1.16.0-1.16.6 y versiones 1.17.0-1.17.2, es vulnerable a un ataque de denegación de servicio por medio la API de kubelet, incluyendo la API de solo lectura HTTP no autenticada típicamente servida en el puerto 10255, y la API HTTPS autenticada típicamente servida en el puerto 10250. A denial of service flaw was found in Kubernetes' Kubelet API. A remote attacker can exploit this flaw by sending repeated, crafted HTTP requests to exhaust available memory and cause a crash. • https://github.com/kubernetes/kubernetes/issues/89377 https://groups.google.com/forum/#%21topic/kubernetes-security-announce/2UOlsba2g0s https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX https://security.netapp.com/advisory/ntap-20200413-0003 https://access.redhat.com/security/cve/CVE-2020-8551 https://bugzilla.redhat.com/show_bug.cgi?id=1816403 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling CWE-789: Memory Allocation with Excessive Size Value •