Vulnerability Details CVE-2021-25736
Kube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port (“spec.ports[*].port”) as a LoadBalancer Service when the LoadBalancer controller does not set the “status.loadBalancer.ingress[].ip” field. Clusters where the LoadBalancer controller sets the “status.loadBalancer.ingress[].ip” field are unaffected.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.0%
CVSS Severity
CVSS v3 Score 5.8
Products affected by CVE-2021-25736
- cpe:2.3:a:kubernetes:kubernetes:1.18.0
- cpe:2.3:a:kubernetes:kubernetes:1.18.1
- cpe:2.3:a:kubernetes:kubernetes:1.18.10
- cpe:2.3:a:kubernetes:kubernetes:1.18.17
- cpe:2.3:a:kubernetes:kubernetes:1.18.2
- cpe:2.3:a:kubernetes:kubernetes:1.18.3
- cpe:2.3:a:kubernetes:kubernetes:1.18.4
- cpe:2.3:a:kubernetes:kubernetes:1.18.5
- cpe:2.3:a:kubernetes:kubernetes:1.18.6
- cpe:2.3:a:kubernetes:kubernetes:1.18.7
- cpe:2.3:a:kubernetes:kubernetes:1.18.8
- cpe:2.3:a:kubernetes:kubernetes:1.18.9
- cpe:2.3:a:kubernetes:kubernetes:1.19.0
- cpe:2.3:a:kubernetes:kubernetes:1.19.1
- cpe:2.3:a:kubernetes:kubernetes:1.19.2
- cpe:2.3:a:kubernetes:kubernetes:1.19.3
- cpe:2.3:a:kubernetes:kubernetes:1.19.4
- cpe:2.3:a:kubernetes:kubernetes:1.19.5
- cpe:2.3:a:kubernetes:kubernetes:1.19.6
- cpe:2.3:a:kubernetes:kubernetes:1.19.7
- cpe:2.3:a:kubernetes:kubernetes:1.19.8
- cpe:2.3:a:kubernetes:kubernetes:1.19.9
- cpe:2.3:a:kubernetes:kubernetes:1.20.0
- cpe:2.3:a:kubernetes:kubernetes:1.20.1
- cpe:2.3:a:kubernetes:kubernetes:1.20.2
- cpe:2.3:a:kubernetes:kubernetes:1.20.3
- cpe:2.3:a:kubernetes:kubernetes:1.20.4
- cpe:2.3:a:kubernetes:kubernetes:1.20.5
- cpe:2.3:o:microsoft:windows:-