Vulnerability Details CVE-2021-25740
A security issue was discovered with Kubernetes that could enable users to send network traffic to locations they would otherwise not have access to via a confused deputy attack.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 66.4%
CVSS Severity
CVSS v3 Score 3.1
CVSS v2 Score 3.5
References
- https://github.com/kubernetes/kubernetes/issues/103675
- https://groups.google.com/g/kubernetes-security-announce/c/WYE9ptrhSLE
- https://security.netapp.com/advisory/ntap-20211014-0001/
- https://github.com/kubernetes/kubernetes/issues/103675
- https://groups.google.com/g/kubernetes-security-announce/c/WYE9ptrhSLE
- https://security.netapp.com/advisory/ntap-20211014-0001/
Products affected by CVE-2021-25740
-
cpe:2.3:a:kubernetes:kubernetes:-