{"containers":{"cna":{"affected":[{"product":"Kubernetes","vendor":"Kubernetes","versions":[{"status":"affected","version":"1.18.0"},{"status":"affected","version":"1.1"},{"status":"affected","version":"1.2"},{"status":"affected","version":"1.3"},{"status":"affected","version":"1.4"},{"status":"affected","version":"1.5"},{"status":"affected","version":"1.6"},{"status":"affected","version":"1.7"},{"status":"affected","version":"1.8"},{"status":"affected","version":"1.9"},{"status":"affected","version":"1.10"},{"status":"affected","version":"1.11"},{"status":"affected","version":"1.12"},{"status":"affected","version":"1.13"},{"status":"affected","version":"1.14"},{"lessThan":"1.15.12","status":"affected","version":"1.15","versionType":"custom"},{"lessThan":"1.16.9","status":"affected","version":"1.16","versionType":"custom"},{"lessThan":"1.17.5","status":"affected","version":"1.17","versionType":"custom"}]}],"credits":[{"lang":"en","value":"Brice Augras from Groupe-Asten and Christophe Hauquiert from Nokia"}],"descriptions":[{"lang":"en","value":"The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery (SSRF) that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master's host network (such as link-local or loopback services)."}],"metrics":[{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":6.3,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N","version":"3.1"}}],"problemTypes":[{"descriptions":[{"cweId":"CWE-918","description":"CWE-918 Server-Side Request Forgery (SSRF)","lang":"en","type":"CWE"}]}],"providerMetadata":{"dateUpdated":"2021-05-04T20:06:18.000Z","orgId":"a6081bf6-c852-4425-ad4f-a67919267565","shortName":"kubernetes"},"references":[{"name":"[oss-security] 20200601 CVE-2020-8555: Kubernetes: Half-Blind SSRF in kube-controller-manager","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2020/06/01/4"},{"tags":["mailing-list","x_refsource_MLIST"],"url":"https://groups.google.com/d/topic/kubernetes-security-announce/kEK27tqqs30/discussion"},{"tags":["x_refsource_CONFIRM"],"url":"https://github.com/kubernetes/kubernetes/issues/91542"},{"name":"FEDORA-2020-aeea04cd13","tags":["vendor-advisory","x_refsource_FEDORA"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/"},{"tags":["x_refsource_CONFIRM"],"url":"https://security.netapp.com/advisory/ntap-20200724-0005/"},{"name":"[oss-security] 20210504 [kubernetes] CVE-2020-8562: Bypass of Kubernetes API Server proxy TOCTOU","tags":["mailing-list","x_refsource_MLIST"],"url":"http://www.openwall.com/lists/oss-security/2021/05/04/8"}],"source":{"defect":["https://github.com/kubernetes/kubernetes/issues/91542"],"discovery":"EXTERNAL"},"title":"Kubernetes  kube-controller-manager SSRF","workarounds":[{"lang":"en","value":"Prior to upgrading, this vulnerability can be mitigated by adding endpoint protections on the master or restricting usage of the vulnerable volume types (for example by constraining usage with a PodSecurityPolicy or third-party admission controller such as Gatekeeper) and restricting StorageClass write permissions through RBAC."}],"x_generator":{"engine":"Vulnogram 0.0.9"},"x_legacyV4Record":{"CVE_data_meta":{"AKA":"","ASSIGNER":"security@kubernetes.io","DATE_PUBLIC":"","ID":"CVE-2020-8555","STATE":"PUBLIC","TITLE":"Kubernetes  kube-controller-manager SSRF"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Kubernetes","version":{"version_data":[{"platform":"","version_affected":"<","version_name":"1.15","version_value":"1.15.12"},{"platform":"","version_affected":"<","version_name":"1.16","version_value":"1.16.9"},{"platform":"","version_affected":"<","version_name":"1.17","version_value":"1.17.5"},{"platform":"","version_affected":"","version_name":"","version_value":"1.18.0"},{"platform":"","version_affected":"","version_name":"","version_value":"1.1"},{"platform":"","version_affected":"","version_name":"","version_value":"1.2"},{"platform":"","version_affected":"","version_name":"","version_value":"1.3"},{"platform":"","version_affected":"","version_name":"","version_value":"1.4"},{"platform":"","version_affected":"","version_name":"","version_value":"1.5"},{"platform":"","version_affected":"","version_name":"","version_value":"1.6"},{"platform":"","version_affected":"","version_name":"","version_value":"1.7"},{"platform":"","version_affected":"","version_name":"","version_value":"1.8"},{"platform":"","version_affected":"","version_name":"","version_value":"1.9"},{"platform":"","version_affected":"","version_name":"","version_value":"1.10"},{"platform":"","version_affected":"","version_name":"","version_value":"1.11"},{"platform":"","version_affected":"","version_name":"","version_value":"1.12"},{"platform":"","version_affected":"","version_name":"","version_value":"1.13"},{"platform":"","version_affected":"","version_name":"","version_value":"1.14"}]}}]},"vendor_name":"Kubernetes"}]}},"configuration":[],"credit":[{"lang":"eng","value":"Brice Augras from Groupe-Asten and Christophe Hauquiert from Nokia"}],"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery (SSRF) that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master's host network (such as link-local or loopback services)."}]},"exploit":[],"generator":{"engine":"Vulnogram 0.0.9"},"impact":{"cvss":{"attackComplexity":"HIGH","attackVector":"NETWORK","availabilityImpact":"NONE","baseScore":6.3,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"NONE","privilegesRequired":"LOW","scope":"CHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N","version":"3.1"}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-918 Server-Side Request Forgery (SSRF)"}]}]},"references":{"reference_data":[{"name":"[oss-security] 20200601 CVE-2020-8555: Kubernetes: Half-Blind SSRF in kube-controller-manager","refsource":"MLIST","url":"http://www.openwall.com/lists/oss-security/2020/06/01/4"},{"name":"","refsource":"MLIST","url":"https://groups.google.com/d/topic/kubernetes-security-announce/kEK27tqqs30/discussion"},{"name":"https://github.com/kubernetes/kubernetes/issues/91542","refsource":"CONFIRM","url":"https://github.com/kubernetes/kubernetes/issues/91542"},{"name":"FEDORA-2020-aeea04cd13","refsource":"FEDORA","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/"},{"name":"https://security.netapp.com/advisory/ntap-20200724-0005/","refsource":"CONFIRM","url":"https://security.netapp.com/advisory/ntap-20200724-0005/"},{"name":"[oss-security] 20210504 [kubernetes] CVE-2020-8562: Bypass of Kubernetes API Server proxy TOCTOU","refsource":"MLIST","url":"http://www.openwall.com/lists/oss-security/2021/05/04/8"}]},"solution":[],"source":{"advisory":"","defect":["https://github.com/kubernetes/kubernetes/issues/91542"],"discovery":"EXTERNAL"},"work_around":[{"lang":"en","value":"Prior to upgrading, this vulnerability can be mitigated by adding endpoint protections on the master or restricting usage of the vulnerable volume types (for example by constraining usage with a PodSecurityPolicy or third-party admission controller such as Gatekeeper) and restricting StorageClass write permissions through RBAC."}]}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T10:03:46.110Z"},"title":"CVE Program Container","references":[{"name":"[oss-security] 20200601 CVE-2020-8555: Kubernetes: Half-Blind SSRF in kube-controller-manager","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2020/06/01/4"},{"tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"https://groups.google.com/d/topic/kubernetes-security-announce/kEK27tqqs30/discussion"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://github.com/kubernetes/kubernetes/issues/91542"},{"name":"FEDORA-2020-aeea04cd13","tags":["vendor-advisory","x_refsource_FEDORA","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://security.netapp.com/advisory/ntap-20200724-0005/"},{"name":"[oss-security] 20210504 [kubernetes] CVE-2020-8562: Bypass of Kubernetes API Server proxy TOCTOU","tags":["mailing-list","x_refsource_MLIST","x_transferred"],"url":"http://www.openwall.com/lists/oss-security/2021/05/04/8"}]}]},"cveMetadata":{"assignerOrgId":"a6081bf6-c852-4425-ad4f-a67919267565","assignerShortName":"kubernetes","cveId":"CVE-2020-8555","datePublished":"2020-06-04T21:50:11.749Z","dateReserved":"2020-02-03T00:00:00.000Z","dateUpdated":"2024-09-16T18:39:58.006Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}