MEDIUM 5.3 Go
Sensitive Information leak via Log File in Kubernetes
GHSA-5x96-j797-5qqw · CVE-2020-8566 · GO-2024-2754
Description
In Kubernetes clusters using Ceph RBD as a storage provisioner, with a logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims. This affects versions < v1.19.3, < v1.18.10, and < v1.17.13.
References
- ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2020-8566
- WEB https://github.com/kubernetes/kubernetes/issues/95624
- WEB https://github.com/kubernetes/kubernetes/pull/95245
- WEB https://github.com/kubernetes/kubernetes/pull/95245/commits/e91ec4fad3366d2dee020919f7c2a0d7b52fd3ea
- WEB https://bugzilla.redhat.com/show_bug.cgi?id=1886640
- PACKAGE https://github.com/kubernetes/kubernetes
- WEB https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk
- WEB https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ
- WEB https://security.netapp.com/advisory/ntap-20210122-0006