CVE-2021-20198 – A flaw was found in the OpenShift Installer before version v0.9.0-master.0.20210125200451- …

23 February 2021

Vuln ID: CVE-2021-20198

Published: 2021-02-23 18:15:13Z

Description: A flaw was found in the OpenShift Installer before version v0.9.0-master.0.20210125200451-95101da940b0. During installation of OpenShift Container Platform 4 clusters, bootstrap nodes are provisioned with anonymous authentication enabled on kubelet port 10250. A remote attacker able to reach this port during installation can make unauthenticated `/exec` requests to execute arbitrary commands within running containers. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Source: NVD.NIST.GOV

Date:

23 February 2021

Categorie(s):

NVD

Tag(s):

NVD

Online Banking Security Still Not Up to Par, Says Which?25 April 2024
What to do in the age of the critical breach25 April 2024
Dropbox announces a number of security and data protection features25 April 2024
AuditBoard AI automates important tasks for security teams25 April 2024
Appdome upgrades MOBILEBot Defense for tailored WAF integration25 April 2024