CVE-2020-8554

Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.

Published: Jan 21, 2021
Updated: Nov 8, 2023
CVE: CVE-2020-8554
GHSA: GHSA-j9wf-vvm6-4r9w
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5
AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L

CVSS v2:

Severity: Medium
Score: 6
AV:N/AC:M/Au:S/C:P/I:P/A:P

CWEs:

CWE-283

Affected Software
References

Software	From	Fixed in
kubernetes / kubernetes	-	-
oracle / communications_cloud_native_core_network_slice_selection_function	1.2.1	1.2.1.x
oracle / communications_cloud_native_core_service_communication_proxy	1.14.0	1.14.0.x
oracle / communications_cloud_native_core_policy	1.15.0	1.15.0.x
k8s.io/kubernetes	-	1.22.0.x

Vulnerability Database

289,599

CVE-2020-8554