CVE-2020-8559
Privilege escalation from compromised node to cluster
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
4Exploited in Wild
-Decision
Descriptions
The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.
El Kubernetes kube-apiserver en versiones v1.6-v1.15 y versiones anteriores a v1.16.13, v1.17.9 y v1.18.6, son vulnerables a un redireccionamiento no validado en las peticiones de actualización proxy que podrían permitir a un atacante escalar privilegios desde un compromiso de nodo a un compromiso del clúster completo
A flaw was found in the Kubernetes API server, where it allows an attacker to escalate their privileges from a compromised node. This flaw allows an attacker who can intercept requests on a compromised node, to redirect those requests, along with their credentials, to perform actions on other endpoints that trust those credentials (including other clusters), allowing for escalation of privileges. The highest threat from this vulnerability is to confidentiality, integrity, and system availability.
The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Issues addressed include bypass, code execution, and denial of service vulnerabilities.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-02-03 CVE Reserved
- 2020-07-22 CVE Published
- 2020-07-23 First Exploit
- 2024-09-16 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-601: URL Redirection to Untrusted Site ('Open Redirect')
CAPEC
References (7)
| URL | Tag | Source |
|---|---|---|
| https://security.netapp.com/advisory/ntap-20200810-0004 | Third Party Advisory |
|
| URL | Date | SRC |
|---|---|---|
| https://github.com/tdwyer/CVE-2020-8559 | 2020-07-23 | |
| https://github.com/tabbysable/POC-2020-8559 | 2022-02-02 | |
| https://github.com/kubernetes/kubernetes/issues/92914 | 2024-09-16 | |
| https://groups.google.com/d/msg/kubernetes-security-announce/JAIGG5yNROs/19nHQ5wkBwAJ | 2024-09-16 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/security/cve/CVE-2020-8559 | 2021-02-03 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1851422 | 2021-02-03 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Kubernetes Search vendor "Kubernetes" | Kubernetes Search vendor "Kubernetes" for product "Kubernetes" | >= 1.6.0 <= 1.15.0 Search vendor "Kubernetes" for product "Kubernetes" and version " >= 1.6.0 <= 1.15.0" | - |
Affected
| ||||||
| Kubernetes Search vendor "Kubernetes" | Kubernetes Search vendor "Kubernetes" for product "Kubernetes" | >= 1.16.0 < 1.16.13 Search vendor "Kubernetes" for product "Kubernetes" and version " >= 1.16.0 < 1.16.13" | - |
Affected
| ||||||
| Kubernetes Search vendor "Kubernetes" | Kubernetes Search vendor "Kubernetes" for product "Kubernetes" | >= 1.17.0 < 1.17.9 Search vendor "Kubernetes" for product "Kubernetes" and version " >= 1.17.0 < 1.17.9" | - |
Affected
| ||||||
| Kubernetes Search vendor "Kubernetes" | Kubernetes Search vendor "Kubernetes" for product "Kubernetes" | >= 1.18.0 < 1.18.6 Search vendor "Kubernetes" for product "Kubernetes" and version " >= 1.18.0 < 1.18.6" | - |
Affected
| ||||||