Sunday, June 27, 2021

Red Hat OpenShift: CVE-2021-25736: kubernetes: LoadBalancer Service type don't create a HNS policy for empty or invalid external loadbalancer IP, what could lead to MITM

Description
A flaw was found in the Windows kube-proxy component. In a cloud environment that does not set the “.status.loadBalancer.ingress.ip” field in the LoadBalancer service status configuration (for example, AWS), packets can be misrouted and reach an unintended destination.
Solution(s)
  • linuxrpm-upgrade-openshift4-wincw-windows-machine-config-rhel8-operator


References
  • https://attackerkb.com/topics/cve-2021-25736
  • CVE-2021-25736
  • RHSA-2021:2130



