You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Kubernetes API server in all versions prior to 1.21.0-alpha.3 allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.
Additional Info Attack vector: NETWORK Attack complexity: HIGH Confidentiality impact: LOW Availability impact: LOW Remediation Upgrade Recommendation: kubernetes-1.23.6
The text was updated successfully, but these errors were encountered:
Checkmarx (SCA): Vulnerable Package
Vulnerability: Read More about CVE-2020-8554
Applications: yael's application
Checkmarx Project: Yoavast/CX-AST
Repository URL: https://github.com/Yoavast/CX-AST
Branch: main
Severity: MEDIUM
State: TO_VERIFY
Status: RECURRENT
Scan ID: b70b7227-90db-4075-88cb-4c196077be97
Kubernetes API server in all versions prior to 1.21.0-alpha.3 allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.
Additional Info
Attack vector: NETWORK
Attack complexity: HIGH
Confidentiality impact: LOW
Availability impact: LOW
Remediation Upgrade Recommendation: kubernetes-1.23.6
The text was updated successfully, but these errors were encountered: