CVE-2020-8562 log

Source
Severity Low
Remote Yes
Type Access restriction bypass
Description
A security issue was discovered in Kubernetes where an authorized user may be able to access private networks on the Kubernetes control plane components. Kubernetes clusters are only affected if an untrusted user can create or modify Node objects and proxy to them, or an untrusted user can create or modify StorageClass objects and access KubeControllerManager logs.
Group Package Affected Fixed Severity Status Ticket
AVG-1915 kube-apiserver, kube-controller-manager, kube-proxy, kube-scheduler, kubelet 1.23.0-1 Low Vulnerable
References
https://github.com/kubernetes/kubernetes/issues/101493
Notes
Workaround
==========

If this issue affects your clusters’ control planes, you can use dnsmasq for name resolution and configure the min-cache-ttl and neg-ttl parameters to a low non-zero value to enforce cached replies for proxied connections.