Описание
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but due to this defeect, could be reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service.
Ссылки
- ExploitMitigationPatchThird Party Advisory
- ExploitMailing ListMitigationThird Party Advisory
- Third Party Advisory
- ExploitMitigationPatchThird Party Advisory
- ExploitMailing ListMitigationThird Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Одно из
EPSS
5.4 Medium
CVSS3
8.8 High
CVSS3
5.8 Medium
CVSS2
Дефекты
Связанные уязвимости
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but due to this defeect, could be reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service.
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but due to this defeect, could be reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service.
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17. ...
EPSS
5.4 Medium
CVSS3
8.8 High
CVSS3
5.8 Medium
CVSS2