Описание
The Kubernetes API server component in versions prior to 1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via successful API requests.
Ссылки
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
- Issue TrackingPatchThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 1.15.9 (включая)Версия от 1.16.0 (включая) до 1.16.6 (включая)Версия от 1.17.0 (включая) до 1.17.2 (включая)
Одно из
cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*
cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*
cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
EPSS
Процентиль: 38%
0.00161
Низкий
5.3 Medium
CVSS3
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-789
CWE-770
Связанные уязвимости
CVSS3: 5.3
ubuntu
около 5 лет назад
The Kubernetes API server component in versions prior to 1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via successful API requests.
CVSS3: 4.3
redhat
около 5 лет назад
The Kubernetes API server component in versions prior to 1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via successful API requests.
CVSS3: 5.3
debian
около 5 лет назад
The Kubernetes API server component in versions prior to 1.15.9, 1.16. ...
EPSS
Процентиль: 38%
0.00161
Низкий
5.3 Medium
CVSS3
4.3 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-789
CWE-770