CVE-2020-8555

Published: 05/06/2020 Updated: 24/07/2020
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 6.3 | Impact Score: 4 | Exploitability Score: 1.8
Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N

Vulnerability Summary

The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 is vulnerable to a Server Side Request Forgery (SSRF) that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master's host network (such as link-local or loopback services).

Vulnerable Product

kubernetes kubernetes

kubernetes kubernetes 1.18.0

Vendor Advisories

Synopsis: Moderate: OpenShift Container Platform 4.2.36 openshift security update. Type/Severity: Security Advisory: Moderate. Topic: An update for openshift is now available for Red Hat OpenShift Container Platform 4.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Com ...
Synopsis: Moderate: OpenShift Container Platform 4.4.8 openshift-enterprise-hyperkube-container security update. Type/Severity: Security Advisory: Moderate. Topic: An update for openshift-enterprise-hyperkube-container is now available for Red Hat OpenShift Container Platform 4.4. Red Hat Product Security has rat ...
Synopsis: Moderate: OpenShift Container Platform 4.4.8 openshift security update. Type/Severity: Security Advisory: Moderate. Topic: An update for openshift is now available for Red Hat OpenShift Container Platform 4.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Comm ...
Synopsis: Moderate: OpenShift Container Platform 4.3.25 openshift-enterprise-hyperkube-container security update. Type/Severity: Security Advisory: Moderate. Topic: An update for openshift-enterprise-hyperkube-container is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has ra ...

Mailing Lists

Hello Kubernetes Community, There exists a Server Side Request Forgery (SSRF) vulnerability in kube-controller-manager that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master's host network (such as link-local or loopback services). This issue has been rated medium (CVSS: ...

Github Repositories

Online resources that will help you prepare for taking the CNCF/Linux Foundation CKS 2020 "Kubernetes Certified Security Specialist" Certification exam. with time, This is not likely the comprehensive up to date list - please make a pull request if there is something that should be added here.

Certified Kubernetes Security Specialist (CKS) Coming soon November 2020 Online resources that will help you prepare for taking the Kubernetes Certified Kubernetes Security Specialist Certification exam Disclaimer: This is not likely a comprehensive list as the exam is not out yet, most likely will be a moving target with the fast pace of k8s development please make a pull re

CKSS related material

CKS Official Curriculum CKS Official Curriculum: [CKS_Curriculum_ v119pdf](/CKS_Curriculum_ v119pdf) Cluster Setup - 10% Securing a Cluster Use Network security policies to restrict cluster level access kubernetes.io/docs/concepts/services-networking/network-policies/ Use CIS benchmark to review the security configuration of Kubernetes components (etcd, kubelet, kubedns, ku