mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-07 19:16:22 +00:00
1.9 KiB
1.9 KiB
CVE-2020-8559
&color=brighgreen)
Description
The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.
POC
Reference
- https://github.com/kubernetes/kubernetes/issues/92914
- https://github.com/kubernetes/kubernetes/issues/92914
- https://hackerone.com/reports/863979
- https://hackerone.com/reports/863979
Github
- https://github.com/0xT11/CVE-POC
- https://github.com/20142995/sectool
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Live-Hack-CVE/CVE-2020-8559
- https://github.com/Metarget/metarget
- https://github.com/adavarski/HomeLab-Proxmox-k8s-DevSecOps-playground
- https://github.com/adavarski/HomeLab-k8s-DevSecOps-playground
- https://github.com/col4-eng/cloud-native-security
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/iakat/stars
- https://github.com/katlol/stars
- https://github.com/magnologan/awesome-k8s-security
- https://github.com/noirfate/k8s_debug
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/pen4uin/awesome-cloud-native-security
- https://github.com/pen4uin/cloud-native-security
- https://github.com/sim1/stars
- https://github.com/soosmile/POC
- https://github.com/tabbysable/POC-2020-8559
- https://github.com/tdwyer/CVE-2020-8559
- https://github.com/unresolv/stars