CVE-2020-8554

MEDIUM

Description

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.

References

https://github.com/kubernetes/kubernetes/issues/97076

https://groups.google.com/g/kubernetes-security-announce/c/iZWsF9nbKE8

https://lists.apache.org/thread.html/[email protected]%3Ccommits.druid.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.druid.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.druid.apache.org%3E

https://lists.apache.org/thread.html/[email protected]%3Ccommits.druid.apache.org%3E

Details

Source: MITRE

Published: 2021-01-21

Updated: 2021-03-30

Type: CWE-863

Risk Information

CVSS v2.0

Base Score: 6

Vector: AV:N/AC:M/Au:S/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 6.8

Severity: MEDIUM

CVSS v3.0

Base Score: 5

Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

Impact Score: 3.4

Exploitability Score: 1.6

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*

Tenable Plugins

View all (3 total)

IDNameProductFamilySeverity
146377Oracle Linux 7 : olcne (ELSA-2021-9029)NessusOracle Linux Local Security Checks
medium
146376Oracle Linux 7 / 8 : olcne (ELSA-2021-9028)NessusOracle Linux Local Security Checks
medium
145229RHEL 7 : OpenShift Container Platform 3.11.374 bug fix and (RHSA-2021:0079)NessusRed Hat Local Security Checks
medium