Moderate severityNVD Advisory· Published Mar 27, 2020· Updated Aug 4, 2024
Kubernetes kubelet denial of service
CVE-2020-8551
Description
The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on port 10250.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
k8s.io/kubernetesGo | >= 1.15.0, < 1.15.10 | 1.15.10 |
k8s.io/kubernetesGo | >= 1.16.0, < 1.16.6 | 1.16.6 |
k8s.io/kubernetesGo | >= 1.17.0, < 1.17.2 | 1.17.2 |
Affected products
4- osv-coords3 versionspkg:apk/chainguard/kubernetes-dns-node-cache-1.17pkg:golang/k8s.io/kubernetespkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Tumbleweed
< 0+ 2 more
- (no CPE)range: < 0
- (no CPE)range: >= 1.15.0, < 1.15.10
- (no CPE)range: < 0.0.20250807T150727-1.1
- Range: unspecified
Patches
Vulnerability mechanics
References
11- github.com/advisories/GHSA-qhm4-jxv7-j9pqghsaADVISORY
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LX/mitrevendor-advisoryx_refsource_FEDORA
- nvd.nist.gov/vuln/detail/CVE-2020-8551ghsaADVISORY
- github.com/kubernetes/kubernetes/commit/9802bfcec0580169cffce2a3d468689a407fa7dcghsaWEB
- github.com/kubernetes/kubernetes/issues/89377ghsax_refsource_MISCWEB
- github.com/kubernetes/kubernetes/pull/87913ghsaWEB
- groups.google.com/forum/ghsaWEB
- groups.google.com/forum/mitrex_refsource_MISC
- lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SOCLOPTSYABTE4CLTSPDIFE6ZZZR4LXghsaWEB
- security.netapp.com/advisory/ntap-20200413-0003ghsaWEB
- security.netapp.com/advisory/ntap-20200413-0003/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.