CVE-2020-8562 log

Severity Low
Remote Yes
Type Access restriction bypass
A security issue was discovered in Kubernetes where an authorized user may be able to access private networks on the Kubernetes control plane components. Kubernetes clusters are only affected if an untrusted user can create or modify Node objects and proxy to them, or an untrusted user can create or modify StorageClass objects and access KubeControllerManager logs.
Group Package Affected Fixed Severity Status Ticket
AVG-1915 kube-apiserver, kube-controller-manager, kube-proxy, kube-scheduler, kubelet 1.23.0-1 Low Vulnerable

If this issue affects your clusters’ control planes, you can use dnsmasq for name resolution and configure the min-cache-ttl and neg-ttl parameters to a low non-zero value to enforce cached replies for proxied connections.