RHEL 7 / 8 : OpenShift Container Platform 4.3.10 openshift (RHSA-2020:1276)
Discription

The remote Redhat Enterprise Linux 7 / 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:1276 advisory.

– kubernetes: crafted requests to kubelet API allow for memory exhaustion (CVE-2020-8551)

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.Read More

References

https://bugzilla.redhat.com/1816403https://access.redhat.com/errata/RHSA-2020:1276http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-8551https://access.redhat.com/security/cve/CVE-2020-8551

3.3 Low

CVSS2

  • Access Vector
  • Access Complexity
  • Authentication
  • Confidentiality Impact
  • Integrity Impact
  • Availability Impact
  • Adjacent_network
  • Low
  • None
  • None
  • None
  • Partial

AV:A/AC:L/Au:N/C:N/I:N/A:P

6.5 Medium

CVSS3

  • Attack Vector
  • Attack Complexity
  • Privileges Required
  • User Interaction
  • Scope
  • Confidentiality Impact
  • Integrity Impact
  • Availability Impact
  • Adjacent_network
  • Low
  • None
  • None
  • Unchanged
  • None
  • None
  • High

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Back to Main
Subscribe for the latest news: