VDB
DEBIAN-CVE-2020-8558
DEBIAN-CVE-2020-8558
PUBLISHED
CVSS 8.800000190734863 HIGH
The Kubelet and kube-proxy components in versions 1.1.0-1.16.10, 1.17.0-1.17.6, and 1.18.0-1.18.3 were found to contain a security issue which allows adjacent hosts to reach TCP and UDP services bound to 127.0.0.1 running on the node or in the node's network namespace. Such a service is generally thought to be reachable only by other processes on the same host, but due to this defeect, could be reachable by other hosts on the same LAN as the node, or by containers running on the same node as the service.
Risk Scores
CVSS 3.1
8.800000190734863
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | kubernetes | 0, 0, 0 |
| Debian:13 | kubernetes | 0, 0, 0 |
| Debian:14 | kubernetes | 0, 0, 0 |
| Debian:11 | kubernetes | 0, 0, 0 |
Exploit Intelligence
- Crafting raw TCP/IP packets to send to poorly configured Kubernetes servers - CVE-2020-8558 PoC (github-poc)
- Information about Kubernetes CVE-2020-8558, including proof of concept exploit. (github-poc)
- CVE.json (github-poc)
- .trivyignore.yaml (github-poc)
- cve_db.json (github-poc)
- checksec.go (github-poc)
- vul.go (github-poc)
- auto.go (github-poc)
- exploit.go (github-poc)
Timeline
- Jul 27, 2020 CVE Published
- Apr 28, 2026 CVE Updated