CVE-2020-8559

Name
CVE-2020-8559
Description
The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Exploit https://github.com/kubernetes/kubernetes/issues/92914
Exploit https://groups.google.com/d/msg/kubernetes-security-announce/JAIGG5yNROs/19nHQ5wkBwAJ
CONFIRM https://security.netapp.com/advisory/ntap-20200810-0004/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:* kubernetes >= 1.6.0 <= 1.15.0
cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:* kubernetes >= 1.16.0 < 1.16.13
cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:* kubernetes >= 1.17.0 < 1.17.9
cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:* kubernetes >= 1.18.0 < 1.18.6

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
k3s edge-community 1.18.6.1-r0 None fixed
k3s 3.22-community 1.18.6.1-r0 None fixed
k3s 3.21-community 1.18.6.1-r0 None fixed
k3s 3.20-community 1.18.6.1-r0 None fixed
k3s 3.19-community 1.18.6.1-r0 None fixed
k3s 3.18-community 1.18.6.1-r0 None fixed
k3s 3.17-community 1.18.6.1-r0 None fixed