Security Advisory

CVE-2020-8559

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-07-22 13:47:08

Last updated 2024-09-16 17:58:15

Assigner kubernetes

State PUBLISHED

Description

The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.

← Browse all CVEs View on cve.org ↗