tabbysable

2 exploits Active since Jul 2020

CVE-2020-8558 NOMISEC MEDIUM WRITEUP

Kubelet and kube-proxy <1.16.10-1.18.3 - SSRF

The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but due to this defeect, could be reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service.

43 stars

CVSS 5.4

View Code

CVE-2020-8559 NOMISEC MEDIUM WORKING POC

Kubernetes <v1.16.13,v1.17.9,v1.18.6 - Open Redirect

The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.

20 stars

CVSS 6.4

View Code