Unknown · Kube-Proxy · CVE-2021-25736
**Name of the Vulnerable Software and Affected Versions**
Kube-proxy versions (affected versions not specified)
**Description**
The issue concerns Kube-proxy on Windows, which can unintentionally forward traffic to local processes listening on the same port (`spec.ports[*].port`) as a LoadBalancer Service. This occurs when the LoadBalancer controller does not set the `status.loadBalancer.ingress[].ip` field. Clusters where the LoadBalancer controller sets this field are unaffected.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.