CVE-2020-8559
- Reference to the description:
- Description:
- The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.
- Last updated date:
- 01/27/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 07/22/2020
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 07/22/2020
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 08/10/2020
- Reference url to background
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 08/10/2020
- Reference url to background
https://groups.google.com/d/msg/kubernetes-security-announce/JAIGG5yNROs/19nHQ5wkBwAJ