Improper validation of URL redirection in the Kubernetes API server in versions prior to v1.14.0 allows an attacker-controlled Kubelet to redirect API server requests from streaming endpoints to arbitrary hosts. Impacted API servers will follow the redirect as a GET request with client-certificate credentials for authenticating to the Kubelet.

Vulnerable Product |
---|
kubernetes kubernetes 1.14.0 |
kubernetes kubernetes |
fedoraproject fedora 31 |