Description
A security issue was discovered in Kubernetes where a user may be able to redirect pod traffic to private networks on a Node. Kubernetes already prevents creation of Endpoint IPs in the localhost or link-local range, but the same validation was not performed on EndpointSlice IPs.
Related CPE's
a
kubernetes
kubernetes
4
References
https://github.com/kubernetes/kubernetes/issues/102106
PatchThird Party Advisory
https://groups.google.com/g/kubernetes-security-announce/c/xAiN3924thY
Mailing ListThird Party Advisory
https://security.netapp.com/advisory/ntap-20211004-0004/
Third Party Advisory
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 · Medium
CVSS V3.1
CVSS V3.0
CVSS V2.0
Information
Source identifier
Vulnerability status
Analyzed
Published
2021-09-06T12:15:07.673
3 years agoLast modified
2021-10-07T17:55:09.130
3 years ago