CVE-2020-8561
4.1MEDIUMA security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver req
Published: 9/20/2021Updated: 11/21/2024
Description
A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the log level is set to 10, they can view the redirected responses and headers in the logs.
AI AnalysisPowered by AI
Affected Products
kuberneteskubernetes
1.20.11
kuberneteskubernetes
1.21.5
kuberneteskubernetes
1.22.2
References
- https://github.com/kubernetes/kubernetes/issues/104720MitigationThird Party Advisory
- https://groups.google.com/g/kubernetes-security-announce/c/RV2IhwcrQsYMailing ListMitigation
- https://security.netapp.com/advisory/ntap-20211014-0002/Third Party Advisory
- https://github.com/kubernetes/kubernetes/issues/104720MitigationThird Party Advisory
- https://groups.google.com/g/kubernetes-security-announce/c/RV2IhwcrQsYMailing ListMitigation
- https://security.netapp.com/advisory/ntap-20211014-0002/Third Party Advisory