Security Advisory

CVE-2020-8561

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-09-20 17:05:16

Last updated 2024-09-16 22:29:49

Assigner kubernetes

State PUBLISHED

Description

A security issue was discovered in Kubernetes where actors that control the responses of MutatingWebhookConfiguration or ValidatingWebhookConfiguration requests are able to redirect kube-apiserver requests to private networks of the apiserver. If that user can view kube-apiserver logs when the log level is set to 10, they can view the redirected responses and headers in the logs.

← Browse all CVEs View on cve.org ↗