Описание
In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects <= v1.19.3, <= v1.18.10, <= v1.17.13, < v1.20.0-alpha2.
Ссылки
- Third Party Advisory
- Mailing ListPatchThird Party Advisory
- Third Party Advisory
- Mailing ListPatchThird Party Advisory
Уязвимые конфигурации
Одно из
EPSS
4.7 Medium
CVSS3
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
Связанные уязвимости
In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects <= v1.19.3, <= v1.18.10, <= v1.17.13, < v1.20.0-alpha2.
In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects <= v1.19.3, <= v1.18.10, <= v1.17.13, < v1.20.0-alpha2.
In Kubernetes, if the logging level is set to at least 9, authorizatio ...
Kubernetes client-go vulnerable to Sensitive Information Leak via Log File
EPSS
4.7 Medium
CVSS3
5.5 Medium
CVSS3
2.1 Low
CVSS2