4
CVSSv2

CVE-2020-8552

Published: 27/03/2020 Updated: 24/07/2020
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

Vulnerability Summary

The Kubernetes API server component in versions before 1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via successful API requests.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

kubernetes kubernetes

Vendor Advisories

Synopsis Moderate: OpenShift Container Platform 4229 openshift security update Type/Severity Security Advisory: Moderate Topic An update for openshift is now available for Red Hat OpenShift Container Platform 42Red Hat Product Security has rated this update as having a security impact of Moderate A Com ...
Synopsis Moderate: OpenShift Container Platform 4229 openshift-enterprise-hyperkube-container security update Type/Severity Security Advisory: Moderate Topic An update for openshift-enterprise-hyperkube-container is now available for Red Hat OpenShift Container Platform 42Red Hat Product Security has ra ...
Synopsis Moderate: OpenShift Container Platform 439 ose-openshift-apiserver-container security update Type/Severity Security Advisory: Moderate Topic An update for ose-openshift-apiserver-container is now available for Red Hat OpenShift Container Platform 43Red Hat Product Security has rated this update ...
Synopsis Moderate: OpenShift Container Platform 4234 ose-openshift-apiserver-container security update Type/Severity Security Advisory: Moderate Topic An update for ose-openshift-apiserver-container is now available for Red Hat OpenShift Container Platform 42Red Hat Product Security has rated this updat ...
Synopsis Moderate: OpenShift Container Platform 311 security update Type/Severity Security Advisory: Moderate Topic An update for atomic-openshift, atomic-openshift-web-console, and cri-o is now available for Red Hat OpenShift Container Platform 311Red Hat Product Security has rated this update as having ...

Mailing Lists

Hello Kubernetes Community, Two security issues were discovered in Kubernetes that could lead to a recoverable denial of service *CVE-2020-8551* affects the kubelet, and has been rated *Medium *( CVSS:30/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L <wwwfirstorg/cvss/calculator/30#CVSS:30/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L> ) *CVE-20 ...

Github Repositories

Online resources that will help you prepare for taking the CNCF/Linux Foundation CKS 2020 "Kubernetes Certified Security Specialist" Certification exam. with time, This is not likely the comprehensive up to date list - please make a pull request if there something that should be added here.

Certified Kubernetes Security Specialist (CKS) Coming soon November 2020 Online resources that will help you prepare for taking the Kubernetes Certified Kubernetes Security Specialist Certification exam Disclaimer: This is not likely a comprehensive list as the exam is not out yet, most likely will be a moving target with the fast pace of k8s development please make a pull re

Certified Kubernetes Security Specialist (CKS) Coming soon November 2020 Online resources that will help you prepare for taking the Kubernetes Certified Kubernetes Security Specialist Certification exam Disclaimer: This is not likely a comprehensive list as the exam is not out yet, most likely will be a moving target with the fast pace of k8s development please make a pull re

CKSS related material

Certified Kubernetes Security Specialist (CKS) Coming soon November 2020 Online resources that will help you prepare for taking the Kubernetes Certified Kubernetes Security Specialist Certification exam Disclaimer: This is not likely a comprehensive list as the exam is not out yet, most likely will be a moving target with the fast pace of k8s development please make a pull re

CKS 官方考纲 CKS 官方考纲: [CKS_Curriculum_ v119pdf](/CKS_Curriculum_ v119pdf) Cluster Setup - 10% Securing a Cluster Use Network security policies to restrict cluster level access kubernetesio/docs/concepts/services-networking/network-policies/ Use CIS benchmark to review the security configuration of Kubernetes components(etcd, kubelet, kubedns, ku

movie-catalog-service Artigo sobre o padrão de arquitetura técnica Main technologies and platforms used are: Java, Spring Boot, Spring Cloud, Resilience4J, Spring Cloud Kubernetes, RX Java, Micrometer Docker, Kubernetes, Prometheus, Grafana, Elastic Search, FluentD, Kibana, Jaeger, Istio, Helm, Kops Jenkins, Git, Nexus, Harbor, SonarQube, Maven, Junit, FindSecBug