A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. Validating Admission Webhook does not observe some previous fields.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:HKubernetes
APPKubernetes< 1.18.181.19.0 – 1.19.10 (bez)1.20.0 – 1.20.6 (bez)
Powiązane podatności
Nieprawidłowa autoryzacja w Esri Portal for ArcGIS — obejście uprawnień
SQL Injection w Esri ArcGIS Server — zdalny dostęp bez uwierzytelnienia
In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to p...
Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plug...
Openshift allows remote attackers to gain privileges by updating a build configuration that was created with a...