CVE-2020-8559
CVSS v3.1
6.8 (Medium)
CVSS v2.0
6 (Medium)
EPSS
0.34 % (72th)
Affected Products
1
Advisories
5
The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.
Weaknesses
- CWE-601
- URL Redirection to Untrusted Site ('Open Redirect')
- CVE Status
- PUBLISHED
- CNA
- Kubernetes
- Published Date
-
2020-07-22 14:15:16
(4 years ago) - Updated Date
-
2023-01-27 20:34:52
(19 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...