Monday, August 2, 2021

Red Hat OpenShift: CVE-2021-25735: kubernetes: Validating Admission Webhook does not observe some previous fields

Description
A vulnerability was found in Kubernetes' kube-apiserver that could allow Node updates to bypass a Validating Admission Webhook. An authenticated user could exploit this by modifying Node properties to values that should have been prevented by registered admission webhooks.
Solution(s)
  • linuxrpm-upgrade-openshift


  • References
  • https://attackerkb.com/topics/cve-2021-25735
  • CVE - 2021-25735
  • RHSA-2021:2437




  •  

    Copyright © 2020 Cyber Details - Vulnerability Database™

    Thanks for everything Templateism - You should have written the code a little more complicated