VDB
RHSA-2020%3A2926
RHSA-2020%3A2926
PUBLISHED
CVSS 5.400000095367432 MEDIUM
A flaw was found in Kubernetes that allows attackers on adjacent networks to reach services exposed on localhost ports, previously thought to be unreachable. This flaw allows an attacker to gain privileges or access confidential information for any services listening on localhost ports that are not protected by authentication.
Risk Scores
CVSS 3.1
5.400000095367432
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat | openshift4/ose-hyperkube@sha256:d36003d5b5831484297c42496d40345e453a1a5c04af665480fdc52bb5273ffa_s390x as a component of Red Hat OpenShift Container Platform 4.4 | openshift4/ose-hyperkube@sha256:d36003d5b5831484297c42496d40345e453a1a5c04af665480fdc52bb5273ffa_s390x |
| Red Hat | openshift4/ose-hyperkube@sha256:992b2cdf17c868f6a668d899ac06a60b696535ee70ec0e31efd17fe63a9130dd_ppc64le as a component of Red Hat OpenShift Container Platform 4.4 | openshift4/ose-hyperkube@sha256:992b2cdf17c868f6a668d899ac06a60b696535ee70ec0e31efd17fe63a9130dd_ppc64le |
| Red Hat | openshift4/ose-hyperkube@sha256:d8bf95b1f24d108406cd1c464b9fcd1319048e78d41d1d15dc4140be0b94d04f_amd64 as a component of Red Hat OpenShift Container Platform 4.4 | openshift4/ose-hyperkube@sha256:d8bf95b1f24d108406cd1c464b9fcd1319048e78d41d1d15dc4140be0b94d04f_amd64 |
Timeline
- Jul 21, 2020 CVE Published
- Nov 21, 2025 CVE Updated
- May 1, 2026 Distribution Patch
- May 1, 2026 Distribution Patch
- May 1, 2026 Security Advisory
- May 1, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2020:2926 advisory
- https://access.redhat.com/security/updates/classification/#moderate advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=1843358 issue
- https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2926.json advisory
- https://access.redhat.com/security/cve/CVE-2020-8558 advisory
- https://www.cve.org/CVERecord?id=CVE-2020-8558 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2020-8558 advisory
- https://groups.google.com/g/kubernetes-security-announce/c/B1VegbBDMTE advisory