CVE-2021-25735
REJECTED
A security issue was discovered in kube-apiserver that could allow node updates to bypass a Validating Admission Webhook. Clusters are only affected by this vulnerability if they run a Validating Admission Webhook for Nodes that denies admission based at least partially on the old state of the Node object. Validating Admission Webhook does not observe some previous fields.
Risk Scores
EPSS Score: 16.30% (95.0th percentile)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:24.04:LTS | kubernetes | 0, 1.0 |
| Ubuntu:Pro:20.04:LTS | kubernetes | 1.0, 0 |
| Ubuntu:22.04:LTS | kubernetes | 0, 1.0 |
Exploit Intelligence
- Exploit CVE-2021-25735: Kubernetes Validating Admission Webhook Bypass (github-poc)
- CVE.json (github-poc)
…and 13 more exploits
Timeline
- May 28, 2021 CVE Published
- Sep 6, 2021 EPSS Score
- Sep 13, 2021 CVE Updated
- Dec 31, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 25, 2022 EPSS Score
- Aug 20, 2022 EPSS Score
- Dec 13, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Apr 8, 2023 EPSS Score
- Aug 2, 2023 EPSS Score
- Nov 25, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2021-25735 third-party-advisory
- https://www.openwall.com/lists/oss-security/2021/04/14/1 third-party-advisory
- https://github.com/kubernetes/kubernetes/issues/100096 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2021-25735 third-party-advisory