#VU53436 Information disclosure in Kubernetes - CVE-2021-25737

Cybersecurity Help s.r.o.

Published: 2021-05-24

Vulnerability identifier: #VU53436

Vulnerability risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-25737

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Kubernetes
Server applications / Frameworks for developing and running applications

Vendor: Kubernetes

Description

The vulnerability allows a remote user to gain access to potentially sensitive information.

The vulnerability exists due to a host network hijacking flaw because of holes in EndpointSlice validation. A remote administrator can redirect pod traffic to private networks on a Node and gain unauthorized access to sensitive information on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Kubernetes: 1.16.0 - 1.19.10, 1.20.0 - 1.21.0

External links
https://github.com/kubernetes/kubernetes/issues/102106
https://seclists.org/oss-sec/2021/q2/155

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in OpenShift Container Platform 4.10

IBM Cloud Private update for Kubernetes

openEuler update for kubernetes

Multiple vulnerabilities in Red Hat Migration Toolkit for Containers

Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.8 packages

Arch Linux update for kube-apiserver

Information disclosure in Kubernetes