A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. Validating Admission Webhook does not observe some previous fields.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:HKubernetes
APPKubernetes< 1.18.181.19.0 – 1.19.10 (bez)1.20.0 – 1.20.6 (bez)
Related vulnerabilities
Nieprawidłowa autoryzacja w Esri Portal for ArcGIS — obejście uprawnień
SQL Injection w Esri ArcGIS Server — zdalny dostęp bez uwierzytelnienia
In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to p...
Kubernetes version 1.5.0-1.5.4 is vulnerable to a privilege escalation in the PodSecurityPolicy admission plug...
Openshift allows remote attackers to gain privileges by updating a build configuration that was created with a...