CVE-2020-8562 - log back

CVE-2020-8562 edited at 04 May 2021 18:44:55
Severity
- Unknown
+ Low
Remote
- Unknown
+ Remote
Type
- Unknown
+ Access restriction bypass
Description
+ A security issue was discovered in Kubernetes where an authorized user may be able to access private networks on the Kubernetes control plane components. Kubernetes clusters are only affected if an untrusted user can create or modify Node objects and proxy to them, or an untrusted user can create or modify StorageClass objects and access KubeControllerManager logs.
References
+ https://github.com/kubernetes/kubernetes/issues/101493
Notes
+ Workaround
+ ==========
+
+ If this issue affects your clusters’ control planes, you can use dnsmasq for name resolution and configure the min-cache-ttl and neg-ttl parameters to a low non-zero value to enforce cached replies for proxied connections.
CVE-2020-8562 created at 04 May 2021 18:43:23