Vulnerability Description
A vulnerability exists in the Kubernetes C# client where the certificate validation logic accepts properly constructed certificates from any Certificate Authority (CA) without properly verifying the trust chain. This flaw allows a malicious actor to present a forged certificate and potentially intercept or manipulate communication with the Kubernetes API server, leading to possible man-in-the-middle attacks and API impersonation.
CVSS Score
MEDIUM
Related Weaknesses (CWE)
References
- https://github.com/kubernetes/kubernetes/issues/134063
- https://groups.google.com/g/kubernetes-security-announce/c/rLopt2Msvbw/m/rK6XeNw
- http://www.openwall.com/lists/oss-security/2025/09/16/1
FAQ
What is CVE-2025-9708?
CVE-2025-9708 is a vulnerability with a CVSS score of 6.8 (MEDIUM). A vulnerability exists in the Kubernetes C# client where the certificate validation logic accepts properly constructed certificates from any Certificate Authority (CA) without properly verifying the t...
How severe is CVE-2025-9708?
CVE-2025-9708 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-9708?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.