Vulnerabilities

CVE-2020-8559

by Fred · 22/07/2020

The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.

Date published : 2020-07-22

https://security.netapp.com/advisory/ntap-20200810-0004/

https://github.com/kubernetes/kubernetes/issues/92914

Similar

Tags: Cybersecurity Alert