Cve-2020-8558 ((new))

: In some deployments, the Kubernetes API server listens on an insecure port (typically 8080 ) on localhost. An attacker exploiting this bypass could gain full administrative control over the cluster.

The vulnerability affects the following Kubernetes versions: cve-2020-8558

Kubernetes uses to manage network rules (iptables/IPVS) for Services. By design, certain node-local services (e.g., kubelet metrics, debugging endpoints) bind only to 127.0.0.1 to prevent remote access. However, CVE-2020-8558 allowed remote pods to reach those loopback-bound services by sending packets to the node’s primary IP address when route_localnet was enabled. : In some deployments, the Kubernetes API server

Member Login

Log in with your Facebook account

OR

MangaTown account Don’t have an account?

Register A New Account

Want to save time? Sign up with your facebook account now

OR

Complete the form below

Forgot password

If you’ve forgotten your passowrd,you can write your registered email here to get your password back.