Virsec Security Research Lab

CVE-2020-8570: Kubernetes Java Client - Path Traversal

Virsec Security Research Lab Vulnerability Analysis

The Virsec Security Research Lab provides timely, relevant analysis about recent and notable security vulnerabilities.

1.1        Vulnerability Summary

Kubernetes Java client libraries in version 10.0.0 and versions prior to 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a maliciously crafted archive. This can potentially overwrite any files on the system of the process executing the client code.
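One way to guard an extraction routine against the crafted archive described above, as an added example (not code from the Kubernetes Java client or from Virsec): each entry name is resolved against the destination directory and rejected if the normalized result falls outside it. The class name, `resolveInside`, the `copied-from-pod` directory and the entry names are assumptions constructed for illustration.

```java
import java.io.IOException;
import java.nio.file.InvalidPathException;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.List;

public class SafeArchiveEntry {

    // Hypothetical helper: resolve an archive entry name against the
    // destination directory and refuse any name that would land outside it.
    static Path resolveInside(Path destDir, String entryName) throws IOException {
        Path base = destDir.toAbsolutePath().normalize();
        Path target;
        try {
            // normalize() collapses "." and ".." so the comparison below
            // sees the location the write would actually reach.
            target = base.resolve(entryName).normalize();
        } catch (InvalidPathException e) {
            throw new IOException("invalid entry name: " + entryName, e);
        }
        // Path.startsWith compares whole path components, so a sibling such
        // as "copied-from-pod-old" is not mistaken for the destination.
        if (!target.startsWith(base)) {
            throw new IOException("entry escapes destination: " + entryName);
        }
        return target;
    }

    public static void main(String[] args) {
        Path dest = Paths.get("copied-from-pod"); // assumed local target directory
        // Constructed entry names, as a remote archive stream might supply them.
        List<String> entries = List.of(
            "app/config.yaml",          // stays inside
            "app/../logs/out.log",      // ".." that still stays inside
            "../../home/user/.bashrc",  // relative escape
            "/etc/cron.d/job",          // absolute path replaces the base
            "app/../../outside.txt");   // escape hidden behind a valid prefix
        for (String name : entries) {
            try {
                System.out.println("OK     " + name + " -> " + resolveInside(dest, name));
            } catch (IOException e) {
                System.out.println("REJECT " + e.getMessage());
            }
        }
    }
}
```

The check is lexical only; an extractor that also accepts symbolic-link entries has to refuse them or re-validate with `toRealPath()` before writing.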


1.2        CVSS Score

The CVSS base score of this vulnerability is not disclosed at this time by either NVD or the vendor.

1.3        Affected Version

All versions prior to 9.0.2

Version 10.0.0

1.4        Vulnerability Attribution

This vulnerability was discovered and reported by Kubernetes.

1.5        Risk Impact

Kubernetes is an open-source container-orchestration system for automating computer application deployment, scaling, and management.

Per this website there is widespread adoption of Kubernetes (91%), especially in production environments (75%). Supported by a robust community of contributors, Kubernetes has taken significant market share away from other container management tools such as Docker Swarm and Amazon Elastic Container Service (ECS).

Exploiting this vulnerability can lead to exfiltration of sensitive data via path traversal, affecting confidential information across the entire organization’s production infrastructure. There are no publicly available exploits.

1.6        Virsec Security Platform (VSP) Support:

VSP-Web can detect path traversal attacks and prevent this vulnerability from being exploited.

1.7        Reference Links:

 
