Cve-2020-8558 Extra Quality – Must Try

| Component | Versions Affected | Role | | ------------------ | ----------------- | ---------------------------------------------- | | kube-proxy | ≤ 1.18.0 | iptables/IPVS rule generator | | kubelet (optional) | all if reachable | Exposes metrics, pprof, logs on 127.0.0.1:10248/10250 | | Node OS | Any with route_localnet=1 | Default on many distributions (e.g., GKE, kubeadm) |

21 Nov 2024 — NIST: NVD. Base Score: 8.8 HIGH. Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. National Institute of Standards and Technology (.gov) cve-2020-8558

CVE-2020-8558 is a critical vulnerability in Kubernetes that has significant implications for organizations using the platform. By understanding the vulnerability, its impact, and the recommended mitigations, organizations can take proactive steps to protect their Kubernetes clusters and prevent potential attacks. | Component | Versions Affected | Role |