Vulnerability Details CVE-2020-8551
The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on port 10250.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.4%
CVSS Severity
CVSS v3 Score 4.3
CVSS v2 Score 3.3
References
- https://github.com/kubernetes/kubernetes/issues/89377
- https://groups.google.com/forum/#%21topic/kubernetes-security-announce/2UOlsba2g0s
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/
- https://security.netapp.com/advisory/ntap-20200413-0003/
- https://github.com/kubernetes/kubernetes/issues/89377
- https://groups.google.com/forum/#%21topic/kubernetes-security-announce/2UOlsba2g0s
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/
- https://security.netapp.com/advisory/ntap-20200413-0003/
Products affected by CVE-2020-8551
-
cpe:2.3:a:kubernetes:kubernetes:1.15.0
-
cpe:2.3:a:kubernetes:kubernetes:1.15.1
-
cpe:2.3:a:kubernetes:kubernetes:1.15.2
-
cpe:2.3:a:kubernetes:kubernetes:1.15.3
-
cpe:2.3:a:kubernetes:kubernetes:1.15.4
-
cpe:2.3:a:kubernetes:kubernetes:1.15.5
-
cpe:2.3:a:kubernetes:kubernetes:1.15.6
-
cpe:2.3:a:kubernetes:kubernetes:1.15.7
-
cpe:2.3:a:kubernetes:kubernetes:1.15.8
-
cpe:2.3:a:kubernetes:kubernetes:1.15.9
-
cpe:2.3:a:kubernetes:kubernetes:1.16.0
-
cpe:2.3:a:kubernetes:kubernetes:1.16.1
-
cpe:2.3:a:kubernetes:kubernetes:1.16.2
-
cpe:2.3:a:kubernetes:kubernetes:1.16.3
-
cpe:2.3:a:kubernetes:kubernetes:1.16.4
-
cpe:2.3:a:kubernetes:kubernetes:1.16.5
-
cpe:2.3:a:kubernetes:kubernetes:1.16.6
-
cpe:2.3:a:kubernetes:kubernetes:1.17.0
-
cpe:2.3:a:kubernetes:kubernetes:1.17.1
-
cpe:2.3:a:kubernetes:kubernetes:1.17.2
-
cpe:2.3:o:fedoraproject:fedora:32