Security Advisory

CVE-2020-8568

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-01-21 17:09:21

Last updated 2024-09-17 03:28:40

Assigner kubernetes

State PUBLISHED

Description

Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16 allow an attacker who can modify a SecretProviderClassPodStatus/Status resource the ability to write content to the host filesystem and sync file contents to Kubernetes Secrets. This includes paths under var/lib/kubelet/pods that contain other Kubernetes Secrets.

← Browse all CVEs View on cve.org ↗