Moderate severity · NVD Advisory · Published Dec 7, 2020 · Updated Sep 16, 2024
Ceph RBD adminSecrets exposed in logs when loglevel >= 4
CVE-2020-8566
Description
In Kubernetes clusters using Ceph RBD as a storage provisioner, with a logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims. Affected versions: < v1.19.3, < v1.18.10, < v1.17.13.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| github.com/kubernetes/kubernetes (Go) | < 1.17.13 | 1.17.13 |
| github.com/kubernetes/kubernetes (Go) | >= 1.18.0, < 1.18.10 | 1.18.10 |
| github.com/kubernetes/kubernetes (Go) | >= 1.19.0, < 1.19.3 | 1.19.3 |
Affected products
- Range: < 1.19.3
References
- github.com/advisories/GHSA-5x96-j797-5qqw [ghsa, ADVISORY]
- nvd.nist.gov/vuln/detail/CVE-2020-8566 [ghsa, ADVISORY]
- bugzilla.redhat.com/show_bug.cgi [ghsa, WEB]
- github.com/kubernetes/kubernetes/issues/95624 [ghsa, x_refsource_CONFIRM, WEB]
- github.com/kubernetes/kubernetes/pull/95245 [ghsa, WEB]
- github.com/kubernetes/kubernetes/pull/95245/commits/e91ec4fad3366d2dee020919f7c2a0d7b52fd3ea [ghsa, WEB]
- groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk [ghsa, WEB]
- groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ [ghsa, mailing-list, x_refsource_MLIST, WEB]
- security.netapp.com/advisory/ntap-20210122-0006 [ghsa, WEB]
- security.netapp.com/advisory/ntap-20210122-0006/ [mitre, x_refsource_CONFIRM]