Monday, August 2, 2021

Red Hat OpenShift: CVE-2021-25735: kubernetes: Validating Admission Webhook does not observe some previous fields

rapid7 vulnerabilities In: , 
Description
A vulnerability was found in Kubernetes' kube-apiserver that could allow Node updates to bypass a Validating Admission Webhook. An authenticated user could exploit this by modifying Node properties to values that should have been prevented by registered admission webhooks.    
Solution(s)
  • linuxrpm-upgrade-openshift


    • References
  • https://attackerkb.com/topics/cve-2021-25735
  • CVE - 2021-25735
  • RHSA-2021:2437




    •  

    Copyright © 2021 Vulnerability Database | Cyber Details™

    thank you Templateism for the design - You should have written the code a little more complicated - Nothing Encrypted anymore