
CVE-2020-8554 – Kubernetes man in the middle using LoadBalancer or ExternalIPs
https://notcve.org/view.php?id=CVE-2020-8554
20 Jan 2021 — The Kubernetes API server in all versions allows an attacker who is able to create a ClusterIP service and set the spec.externalIPs field to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect. • https://github.com/jrmurray000/CVE-2020-8554 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-283: Unverified Ownership •

CVE-2020-8563 – Secret leaks in logs for vSphere Provider kube-controller-manager
https://notcve.org/view.php?id=CVE-2020-8563
07 Dec 2020 — In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log. This affects < v1.19.3. A flaw was found in kuber... • https://github.com/kubernetes/kubernetes/issues/95621 • CWE-117: Improper Output Neutralization for Logs CWE-532: Insertion of Sensitive Information into Log File •

CVE-2020-8565 – Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9
https://notcve.org/view.php?id=CVE-2020-8565
07 Dec 2020 — In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects <= v1.19.3, <= v1.18.10, <= v1.17.13, < v1.20.0-alpha2. • https://github.com/kubernetes/kubernetes/issues/95623 • CWE-117: Improper Output Neutralization for Logs CWE-532: Insertion of Sensitive Information into Log File •

CVE-2020-8566 – Ceph RBD adminSecrets exposed in logs when loglevel >= 4
https://notcve.org/view.php?id=CVE-2020-8566
07 Dec 2020 — In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims. This affects < v1.19.3, < v1.18.10, < v1.17.13. • https://github.com/kubernetes/kubernetes/issues/95624 • CWE-117: Improper Output Neutralization for Logs CWE-532: Insertion of Sensitive Information into Log File •

CVE-2020-8564 – Docker config secrets leaked when file is malformed and loglevel >= 4
https://notcve.org/view.php?id=CVE-2020-8564
27 Oct 2020 — In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects < v1.19.3, < v1.18.10, < v1.17.13. • https://github.com/kubernetes/kubernetes/issues/95622 • CWE-117: Improper Output Neutralization for Logs CWE-532: Insertion of Sensitive Information into Log File •

CVE-2020-8553 – Kubernetes ingress-nginx Compromise of auth via subset/superset namespace names
https://notcve.org/view.php?id=CVE-2020-8553
29 Jul 2020 — The Kubernetes ingress-nginx component prior to version 0.28.0 allows a user with the ability to create namespaces and to read and create ingress objects to overwrite the password file of another ingress which uses nginx.ingress.kubernetes.io/auth-type: basic and which has a hyphenated namespace or secret name. • https://github.com/kubernetes/ingress-nginx/issues/5126 • CWE-73: External Control of File Name or Path CWE-610: Externally Controlled Reference to a Resource in Another Sphere •

CVE-2020-8557 – Kubernetes node disk Denial of Service by writing to container /etc/hosts
https://notcve.org/view.php?id=CVE-2020-8557
23 Jul 2020 — The Kubernetes kubelet component in versions 1.1-1.16.12, 1.17.0-1.17.8 and 1.18.0-1.18.5 does not account for disk usage by a pod which writes to its own /etc/hosts file. The /etc/hosts file mounted in a pod by kubelet is not included by the kubelet eviction manager when calculating ephemeral storage usage by a pod. If a pod writes a large amount of data to the /etc/hosts file, it could fill the storage space of the node and cause the node to fail. • https://github.com/kubernetes/kubernetes/issues/93032 • CWE-400: Uncontrolled Resource Consumption •

CVE-2019-11252 – Credential leakage when failing to mount
https://notcve.org/view.php?id=CVE-2019-11252
23 Jul 2020 — The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes. A flaw was found in Kubernetes that allows the logging of credentials when mounting AzureFile and CephFS ... • https://github.com/kubernetes/kubernetes/pull/88684 • CWE-209: Generation of Error Message Containing Sensitive Information •

CVE-2020-8559 – Privilege escalation from compromised node to cluster
https://notcve.org/view.php?id=CVE-2020-8559
22 Jul 2020 — The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6, is vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise. • https://github.com/tdwyer/CVE-2020-8559 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVE-2020-8558 – Kubernetes node setting allows for neighboring hosts to bypass localhost boundary
https://notcve.org/view.php?id=CVE-2020-8558
13 Jul 2020 — The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but due to this defect, could be reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service. • https://github.com/tabbysable/POC-2020-8558 • CWE-300: Channel Accessible by Non-Endpoint CWE-420: Unprotected Alternate Channel •