Vulnerability Description
In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects <= v1.19.3, <= v1.18.10, <= v1.17.13, < v1.20.0-alpha2.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kubernetes | Kubernetes | >= 1.17.0, <= 1.17.13 |
Related Weaknesses (CWE)
References
- https://github.com/kubernetes/kubernetes/issues/95623Third Party Advisory
- https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5Mailing ListPatchThird Party Advisory
- https://github.com/kubernetes/kubernetes/issues/95623Third Party Advisory
- https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5Mailing ListPatchThird Party Advisory
FAQ
What is CVE-2020-8565?
CVE-2020-8565 is a vulnerability with a CVSS score of 4.7 (MEDIUM). In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This...
How severe is CVE-2020-8565?
CVE-2020-8565 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-8565?
Check the references section above for vendor advisories and patch information. Affected products include: Kubernetes Kubernetes.