CVE-2020-8554
Kubernetes man in the middle using LoadBalancer or ExternalIPs
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
3Exploited in Wild
-Decision
Descriptions
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.
El servidor de la API de Kubernetes en todas las versiones permite a un atacante que puede crear un servicio ClusterIP y establecer el campo spec.externalIPs, interceptar el tráfico a esa dirección IP. Adicionalmente, un atacante que sea capaz de parchear el estado (que se considera una operación privilegiada y no se debe típicamente otorgar a los usuarios) de un servicio LoadBalancer puede configurar el status.loadBalancer.ingress.ip con un efecto similar
A flaw was found in kubernetes. If a potential attacker can already create or edit services and pods, then they may be able to intercept traffic from other pods (or nodes) in the cluster.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-02-03 CVE Reserved
- 2021-01-20 CVE Published
- 2021-01-22 First Exploit
- 2023-11-08 EPSS Updated
- 2024-09-17 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
- CWE-283: Unverified Ownership
CAPEC
References (13)
URL | Date | SRC |
---|---|---|
https://github.com/jrmurray000/CVE-2020-8554 | 2021-02-07 | |
https://github.com/Dviejopomata/CVE-2020-8554 | 2021-01-22 | |
https://github.com/kubernetes/kubernetes/issues/97076 | 2024-09-17 |
URL | Date | SRC |
---|---|---|
https://www.oracle.com//security-alerts/cpujul2021.html | 2023-11-07 | |
https://www.oracle.com/security-alerts/cpuapr2022.html | 2023-11-07 | |
https://www.oracle.com/security-alerts/cpujan2022.html | 2023-11-07 |
URL | Date | SRC |
---|---|---|
https://access.redhat.com/security/cve/CVE-2020-8554 | 2021-01-20 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1891051 | 2021-01-20 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Kubernetes Search vendor "Kubernetes" | Kubernetes Search vendor "Kubernetes" for product "Kubernetes" | * | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Communications Cloud Native Core Network Slice Selection Function Search vendor "Oracle" for product "Communications Cloud Native Core Network Slice Selection Function" | 1.2.1 Search vendor "Oracle" for product "Communications Cloud Native Core Network Slice Selection Function" and version "1.2.1" | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Communications Cloud Native Core Policy Search vendor "Oracle" for product "Communications Cloud Native Core Policy" | 1.15.0 Search vendor "Oracle" for product "Communications Cloud Native Core Policy" and version "1.15.0" | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Communications Cloud Native Core Service Communication Proxy Search vendor "Oracle" for product "Communications Cloud Native Core Service Communication Proxy" | 1.14.0 Search vendor "Oracle" for product "Communications Cloud Native Core Service Communication Proxy" and version "1.14.0" | - |
Affected
|